Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
fAatfRnCZ5.exe

Overview

General Information

Sample name:fAatfRnCZ5.exe
renamed because original name is a hash value
Original sample name:34c4c90a0f30142be902016f1d223176598c74506bbf516cca52fb89bdd72f55.exe
Analysis ID:1578208
MD5:ce1c7e9a3fd9c2d0e3ad4b9deff11abf
SHA1:b9a35b3907a6611be1c9f36ef3c1455a99ae2756
SHA256:34c4c90a0f30142be902016f1d223176598c74506bbf516cca52fb89bdd72f55
Tags:51-15-17-193exeuser-JAMESWT_MHT
Infos:

Detection

Score:52
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for submitted file
Potentially malicious time measurement code found
Binary contains a suspicious time stamp
Contains functionality for execution timing, often used to detect debuggers
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to shutdown / reboot the system
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Drops PE files
Extensive use of GetProcAddress (often used to hide API calls)
Found dropped PE file which has not been started or loaded
Found evasive API chain checking for process token information
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
PE file contains sections with non-standard names
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info

Classification

Process Tree

  • System is w10x64
  • fAatfRnCZ5.exe (PID: 7836 cmdline: "C:\Users\user\Desktop\fAatfRnCZ5.exe" MD5: CE1C7E9A3FD9C2D0E3AD4B9DEFF11ABF)
    • fAatfRnCZ5.exe (PID: 1732 cmdline: "C:\Users\user\Desktop\fAatfRnCZ5.exe" MD5: CE1C7E9A3FD9C2D0E3AD4B9DEFF11ABF)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Multi AV Scanner detection for submitted file
Source: fAatfRnCZ5.exeVirustotal: Detection: 7%Perma Link
Source: fAatfRnCZ5.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\mediaservice\qtmedia_audioengine.pdb++ source: fAatfRnCZ5.exe, 00000005.00000003.1330824200.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsvg\plugins\imageformats\qsvg.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1329542475.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsensors\plugins\sensorgestures\qtsensorgestures_plugin.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1335286752.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsvg\plugins\iconengines\qsvgicon.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1328850664.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\geoservices\qtgeoservices_itemsoverlay.pdb!! source: fAatfRnCZ5.exe, 00000005.00000003.1328016924.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\position\qtposition_serialnmea.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1333217731.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\generic\qtuiotouchplugin.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1327320991.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtserialport\lib\Qt5SerialPort.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1303463975.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\audio\qtaudio_wasapi.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1326861116.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_lzma.pdbMM source: fAatfRnCZ5.exe, 00000008.00000002.1686323668.00007FF83290B000.00000002.00000001.01000000.00000010.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\imageformats\qico.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1329184577.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\position\qtposition_positionpoll.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1332952630.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\mediaservice\qtmedia_audioengine.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1330824200.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtquick3d\qml\QtQuick3D\Effects\qtquick3deffectplugin.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1357125504.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\position\qtposition_winrt.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1333624592.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsensors\plugins\sensors\qtsensors_generic.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1335635517.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\bearer\qgenericbearer.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1327178324.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1325801437.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtdeclarative\lib\Qt5QmlWorkerScript.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1297605749.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: @ compiler: cl /Zi /Fdossl_static.pdb /Gs0 /GF /Gy /MD /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASMOpenSSL 1.1.1t 7 Feb 2023built on: Thu Feb 9 15:27:40 2023 UTCplatform: VC-WIN64A-masmOPENSSLDIR: "C:\Program Files\Common Files\SSL"ENGINESDIR: "C:\Program Files\OpenSSL\lib\engines-1_1"not available source: fAatfRnCZ5.exe, 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmp
Source: Binary string: d:\a01\_work\12\s\\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1688856452.00007FF838B91000.00000002.00000001.01000000.00000006.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_hashlib.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1687731230.00007FF838AA6000.00000002.00000001.01000000.0000000D.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtquick3d\qml\QtQuick3D\Helpers\qtquick3dhelpersplugin.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1358159682.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtspeech\lib\Qt5TextToSpeech.pdb!! source: fAatfRnCZ5.exe, 00000005.00000003.1304532194.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\imageformats\qico.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1329184577.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtdeclarative\qml\Qt\labs\sharedimage\sharedimageplugin.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1466647419.0000022DCC6A9000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\generic\qtuiotouchplugin.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1327320991.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\bearer\qgenericbearer.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1327178324.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\lib\Qt5Gui.pdb source: Qt5Gui.dll.5.dr
Source: Binary string: D:\a\1\b\bin\amd64\_lzma.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1686323668.00007FF83290B000.00000002.00000001.01000000.00000010.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_bz2.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1687197164.00007FF833ABD000.00000002.00000001.01000000.0000000F.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\geoservices\qtgeoservices_itemsoverlay.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1328016924.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\lib\Qt5Location.pdb source: Qt5Location.dll.5.dr
Source: Binary string: D:\a\1\b\bin\amd64\_socket.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1688605863.00007FF838B68000.00000002.00000001.01000000.00000007.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\position\qtposition_serialnmea.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1333217731.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1325615097.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtimageformats\plugins\imageformats\qtiff.pdbBB source: fAatfRnCZ5.exe, 00000005.00000003.1329845656.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\platformthemes\qxdgdesktopportal.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1332615439.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\position\qtposition_winrt.pdb## source: fAatfRnCZ5.exe, 00000005.00000003.1333624592.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\unicodedata.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmp
Source: Binary string: d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\msvcp140_1.amd64.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1314568236.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtquick3d\qml\QtQuick3D\Materials\qtquick3dmaterialplugin.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1372281367.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\audio\qtaudio_wasapi.pdb)) source: fAatfRnCZ5.exe, 00000005.00000003.1326861116.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtimageformats\plugins\imageformats\qtiff.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1329845656.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\imageformats\qgif.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1328961219.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\libssl-1_1.pdb@@ source: fAatfRnCZ5.exe, 00000008.00000002.1686834911.00007FF832996000.00000002.00000001.01000000.0000000B.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\printsupport\windowsprintersupport.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1334024715.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtquick3d\lib\Qt5Quick3DUtils.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1300985228.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: compiler: cl /Zi /Fdossl_static.pdb /Gs0 /GF /Gy /MD /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM source: fAatfRnCZ5.exe, 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtimageformats\plugins\imageformats\qtga.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1329694125.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\audio\qtaudio_windows.pdb&& source: fAatfRnCZ5.exe, 00000005.00000003.1327037823.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsensors\plugins\sensorgestures\qtsensorgestures_shakeplugin.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1335499258.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\playlistformats\qtmultimedia_m3u.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1332753580.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qt3d\plugins\geometryloaders\defaultgeometryloader.pdb!! source: fAatfRnCZ5.exe, 00000005.00000003.1327508882.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtspeech\lib\Qt5TextToSpeech.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1304532194.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\libcrypto-1_1.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsensors\plugins\sensorgestures\qtsensorgestures_plugin.pdb11 source: fAatfRnCZ5.exe, 00000005.00000003.1335286752.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtimageformats\plugins\imageformats\qicns.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1329074682.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\libssl-1_1.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1686834911.00007FF832996000.00000002.00000001.01000000.0000000B.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\select.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1688365462.00007FF838B53000.00000002.00000001.01000000.00000008.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtserialport\lib\Qt5SerialPort.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1303463975.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\python310.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1684979288.00007FF820ECF000.00000002.00000001.01000000.00000005.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_queue.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1688003115.00007FF838B43000.00000002.00000001.01000000.0000000E.sdmp
Source: Binary string: C:\Users\qt\work\qt\qt3d\plugins\geometryloaders\gltfgeometryloader.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1327700432.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\audio\qtaudio_windows.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1327037823.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qt3d\plugins\geometryloaders\defaultgeometryloader.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1327508882.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtimageformats\plugins\imageformats\qwbmp.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1330202784.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\lib\libEGL.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1310839968.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_ssl.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1687379724.00007FF83426D000.00000002.00000001.01000000.00000009.sdmp
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF651748E90 FindFirstFileW,RemoveDirectoryW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,5_2_00007FF651748E90
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF65174A110 FindFirstFileExW,FindClose,5_2_00007FF65174A110
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF651762704 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,5_2_00007FF651762704
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF65174A110 FindFirstFileExW,FindClose,8_2_00007FF65174A110
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF651762704 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,8_2_00007FF651762704
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF651748E90 FindFirstFileW,RemoveDirectoryW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,8_2_00007FF651748E90
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083322E _errno,malloc,_errno,MultiByteToWideChar,GetLastError,MultiByteToWideChar,MultiByteToWideChar,free,_errno,FindFirstFileW,_errno,FindNextFileW,WideCharToMultiByte,8_2_00007FF82083322E
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designerJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\EffectsJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5Jump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3DJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qmlJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5Jump to behavior
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficDNS traffic detected: DNS query: viltrac.com
Source: fAatfRnCZ5.exe, 00000008.00000002.1681839555.0000019F86000000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://.../back.jpeg
Source: fAatfRnCZ5.exe, 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpString found in binary or memory: http://.css
Source: fAatfRnCZ5.exe, 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpString found in binary or memory: http://.jpg
Source: fAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://a.tile.thunderforest.com/landscape/%z/%x/%y.png
Source: fAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://a.tile.thunderforest.com/outdoors/%z/%x/%y.png
Source: fAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://a.tile.thunderforest.com/transport-dark/%z/%x/%y.png
Source: fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://api.tiles.mapbox.com/v4/
Source: fAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://c.tile.opencyclemap.org/cycle/%z/%x/%y.png
Source: fAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://c.tile.openstreetmap.org/%z/%x/%y.png
Source: fAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://c.tile2.opencyclemap.org/transport/%z/%x/%y.png
Source: fAatfRnCZ5.exe, 00000005.00000003.1310839968.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredID
Source: fAatfRnCZ5.exe, 00000005.00000003.1303191765.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329184577.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302396619.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329542475.0000022DCC67C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1299787623.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301285335.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326067624.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1296426483.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1295258895.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300325743.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1335286752.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302735029.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326482601.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1330992237.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358159682.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329694125.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301885870.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300125457.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1303463975.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: fAatfRnCZ5.exe, 00000005.00000003.1303191765.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329184577.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302396619.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1299787623.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301285335.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326067624.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1296426483.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1295258895.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300325743.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1335286752.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302735029.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326482601.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1330992237.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358159682.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329694125.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301885870.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300125457.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1303463975.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1310839968.0000022DCC67C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301099919.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
Source: fAatfRnCZ5.exe, 00000005.00000003.1303191765.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329184577.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302396619.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329542475.0000022DCC67C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1299787623.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301285335.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326067624.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1296426483.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1295258895.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300325743.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1335286752.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302735029.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326482601.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1330992237.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358159682.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329694125.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301885870.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300125457.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1303463975.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
Source: fAatfRnCZ5.exe, 00000008.00000003.1662719082.0000019F8599C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1671869870.0000019F8599C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665176641.0000019F8599C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1675802244.0000019F8599D000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665911520.0000019F8599C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660162436.0000019F8599C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F8599C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://code.activestate.com/recipes/577452-a-memoize-decorator-for-instance-methods/
Source: fAatfRnCZ5.exe, 00000008.00000003.1661644262.0000019F85D53000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662605766.0000019F85D45000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663013189.0000019F85D5A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662411451.0000019F85D36000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1681265521.0000019F85D5A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662325438.0000019F85D2B000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661376493.0000019F85D20000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662077369.0000019F85D54000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.certigna.fr/certignarootca.crl01
Source: fAatfRnCZ5.exe, 00000008.00000003.1663290464.0000019F85924000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1676377507.0000019F833E0000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661045598.0000019F8591F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1667473081.0000019F85928000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1675579367.0000019F85931000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F858D4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659724793.0000019F8591C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
Source: fAatfRnCZ5.exe, 00000008.00000003.1662155703.0000019F85CF5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F858D4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661181354.0000019F85CF3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1680857141.0000019F85CF5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1671095110.0000019F858F4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F858D4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1666452369.0000019F858F3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663739479.0000019F858F2000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663148391.0000019F858D7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/COMODOCertificationAuthority.crl
Source: fAatfRnCZ5.exe, 00000008.00000003.1663773281.0000019F854DF000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660357531.0000019F854B1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590588964.0000019F854A4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661240960.0000019F854B3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1667863566.0000019F854E0000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1671246957.0000019F854E1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670803702.0000019F854E0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/COMODOCertificationAuthority.crl0
Source: fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F858D4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1671095110.0000019F858F4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F858D4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1666452369.0000019F858F3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663739479.0000019F858F2000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663148391.0000019F858D7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/COMODOCertificationAuthority.crlZid
Source: fAatfRnCZ5.exe, 00000008.00000003.1662155703.0000019F85CF5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661181354.0000019F85CF3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1680857141.0000019F85CF5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/COMODOCertificationAuthority.crlb
Source: fAatfRnCZ5.exe, 00000008.00000003.1661644262.0000019F85D53000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662605766.0000019F85D45000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663013189.0000019F85D5A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662411451.0000019F85D36000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1681265521.0000019F85D5A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662325438.0000019F85D2B000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661376493.0000019F85D20000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662077369.0000019F85D54000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.dhimyotis.com/certignarootca.crl
Source: fAatfRnCZ5.exe, 00000008.00000003.1661644262.0000019F85D53000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661376493.0000019F85D20000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.dhimyotis.com/certignarootca.crlo
Source: fAatfRnCZ5.exe, 00000008.00000002.1679034775.0000019F858AF000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670947676.0000019F858AE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670763461.0000019F858AD000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8587B000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1669314893.0000019F8588D000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660067514.0000019F85881000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F85887000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.securetrust.com/SGCA.crl
Source: fAatfRnCZ5.exe, 00000008.00000003.1662719082.0000019F8599C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F859BE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663562430.0000019F859C3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660162436.0000019F8599C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.securetrust.com/SGCA.crl0
Source: fAatfRnCZ5.exe, 00000008.00000002.1679034775.0000019F858AF000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670947676.0000019F858AE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670763461.0000019F858AD000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8587B000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1669314893.0000019F8588D000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660067514.0000019F85881000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F85887000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.securetrust.com/STCA.crl
Source: fAatfRnCZ5.exe, 00000008.00000003.1662719082.0000019F8599C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F859BE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663562430.0000019F859C3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660162436.0000019F8599C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.securetrust.com/STCA.crl0
Source: fAatfRnCZ5.exe, 00000008.00000002.1679034775.0000019F858AF000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670947676.0000019F858AE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670763461.0000019F858AD000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8587B000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1669314893.0000019F8588D000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660067514.0000019F85881000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F85887000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.securetrust.com/STCA.crl3
Source: fAatfRnCZ5.exe, 00000008.00000002.1679034775.0000019F858AF000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670947676.0000019F858AE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670763461.0000019F858AD000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8587B000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1669314893.0000019F8588D000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660067514.0000019F85881000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F85887000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.xrampsecurity.com/XGCA.crl
Source: fAatfRnCZ5.exe, 00000008.00000003.1663290464.0000019F85924000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661045598.0000019F8591F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1667473081.0000019F85928000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670144680.0000019F85933000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F858D4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659724793.0000019F8591C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.xrampsecurity.com/XGCA.crl0
Source: fAatfRnCZ5.exe, 00000005.00000003.1303191765.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329184577.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302396619.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1299787623.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301285335.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326067624.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1296426483.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1295258895.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300325743.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1335286752.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302735029.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326482601.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1330992237.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358159682.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329694125.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301885870.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300125457.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1303463975.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1486306546.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1310839968.0000022DCC67C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
Source: fAatfRnCZ5.exe, 00000005.00000003.1303191765.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329184577.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302396619.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329542475.0000022DCC67C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1299787623.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301285335.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326067624.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1296426483.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1295258895.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300325743.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1335286752.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302735029.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326482601.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1330992237.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358159682.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329694125.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301885870.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300125457.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1303463975.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
Source: fAatfRnCZ5.exe, 00000005.00000003.1303191765.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329184577.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302396619.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1299787623.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301285335.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326067624.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1296426483.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1295258895.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300325743.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1335286752.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302735029.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326482601.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1330992237.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358159682.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329694125.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301885870.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300125457.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1303463975.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1310839968.0000022DCC67C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301099919.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
Source: fAatfRnCZ5.exe, 00000005.00000003.1330360977.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl
Source: fAatfRnCZ5.exe, 00000005.00000003.1303191765.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329184577.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302396619.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329542475.0000022DCC67C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1299787623.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301285335.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326067624.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1296426483.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1295258895.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300325743.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1335286752.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302735029.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326482601.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1330992237.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358159682.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329694125.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301885870.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300125457.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1303463975.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02
Source: fAatfRnCZ5.exe, 00000005.00000003.1308413883.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert
Source: fAatfRnCZ5.exe, 00000005.00000003.1327508882.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/D
Source: fAatfRnCZ5.exe, 00000005.00000003.1297605749.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/Digi
Source: fAatfRnCZ5.exe, 00000005.00000003.1303191765.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329184577.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302396619.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329542475.0000022DCC67C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1299787623.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301285335.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326067624.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1296426483.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1295258895.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300325743.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1335286752.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302735029.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326482601.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1330992237.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358159682.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329694125.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301885870.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300125457.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1303463975.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: fAatfRnCZ5.exe, 00000005.00000003.1303191765.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329184577.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302396619.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1299787623.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301285335.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326067624.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1296426483.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1295258895.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300325743.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1335286752.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302735029.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326482601.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1330992237.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358159682.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329694125.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301885870.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300125457.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1303463975.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1310839968.0000022DCC67C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301099919.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0L
Source: fAatfRnCZ5.exe, 00000005.00000003.1303191765.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329184577.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302396619.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329542475.0000022DCC67C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1299787623.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301285335.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326067624.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1296426483.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1295258895.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300325743.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1335286752.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302735029.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326482601.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1330992237.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358159682.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329694125.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301885870.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300125457.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1303463975.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0
Source: fAatfRnCZ5.exe, 00000008.00000002.1681839555.0000019F860DC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://curl.haxx.se/rfc/cookie_spec.html
Source: fAatfRnCZ5.exe, 00000005.00000003.1327844588.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://geocode.arcgis.com/arcgis/rest/services/World/GeocodeServer/findAddressCandidates
Source: fAatfRnCZ5.exe, 00000005.00000003.1327844588.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://geocode.arcgis.com/arcgis/rest/services/World/GeocodeServer/reverseGeocode
Source: fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F858D4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659724793.0000019F8591C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://google.com/
Source: fAatfRnCZ5.exe, 00000008.00000003.1661045598.0000019F8591F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F858D4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659724793.0000019F8591C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1679449832.0000019F8591F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://google.com/mail/
Source: fAatfRnCZ5.exe, 00000005.00000002.1696578049.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1675211324.0000019F858E6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F858D4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1666621446.0000019F858DE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664066340.0000019F858DE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1671020032.0000019F858DE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665621109.0000019F858B3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8587B000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F858D4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660067514.0000019F85881000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F85887000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663148391.0000019F858D7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://hg.python.org/cpython/file/603b4d593758/Lib/socket.py#l535
Source: fAatfRnCZ5.exe, 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpString found in binary or memory: http://html4/loose.dtd
Source: fAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://maps-redirect.qt.io/osm/5.8/
Source: fAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://nominatim.openstreetmap.org/search
Source: fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.accv.es
Source: fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662465338.0000019F85D1C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1681031810.0000019F85D1E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.accv.es0
Source: fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.accv.esOI
Source: fAatfRnCZ5.exe, 00000005.00000003.1303191765.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329184577.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302396619.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329542475.0000022DCC67C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1299787623.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301285335.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326067624.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1296426483.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1295258895.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300325743.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1335286752.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302735029.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326482601.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1330992237.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358159682.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329694125.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301885870.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300125457.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1303463975.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0C
Source: fAatfRnCZ5.exe, 00000005.00000003.1303191765.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329184577.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302396619.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1299787623.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301285335.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326067624.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1296426483.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1295258895.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300325743.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1335286752.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302735029.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326482601.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1330992237.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358159682.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329694125.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301885870.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300125457.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1303463975.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1310839968.0000022DCC67C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301099919.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0N
Source: fAatfRnCZ5.exe, 00000005.00000003.1303191765.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329184577.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302396619.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329542475.0000022DCC67C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1299787623.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301285335.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326067624.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1296426483.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1295258895.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300325743.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1335286752.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302735029.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326482601.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1330992237.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358159682.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329694125.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301885870.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300125457.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1303463975.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0O
Source: fAatfRnCZ5.exe, 00000008.00000003.1662719082.0000019F8599C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1680177892.0000019F859FE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1671869870.0000019F8599C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1679926460.0000019F8599E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665176641.0000019F8599C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1675802244.0000019F8599D000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665911520.0000019F8599C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659601664.0000019F859F2000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661602101.0000019F859FD000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660162436.0000019F8599C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662632015.0000019F859FE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1591153575.0000019F859F2000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F8599C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://repository.swisssign.com/
Source: fAatfRnCZ5.exe, 00000008.00000002.1680177892.0000019F859FE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659601664.0000019F859F2000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661602101.0000019F859FD000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662632015.0000019F859FE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1591153575.0000019F859F2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://repository.swisssign.com/f
Source: fAatfRnCZ5.exe, 00000005.00000003.1327844588.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://route.arcgis.com/arcgis/rest/services/World/Route/NAServer/Route_World/solve
Source: fAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://router.project-osrm.org/route/v1/driving/
Source: fAatfRnCZ5.exe, 00000005.00000002.1696578049.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1680350376.0000019F85B74000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://tools.ietf.org/html/rfc6125#section-6.4.3
Source: fAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://wiki.openstreetmap.org/wiki/Special:Export/Nominatim/Special_Phrases/
Source: fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662465338.0000019F85D1C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1681031810.0000019F85D1E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1.crt0
Source: fAatfRnCZ5.exe, 00000008.00000003.1661996111.0000019F85D0D000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1680947660.0000019F85D0D000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl
Source: fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662465338.0000019F85D1C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1681031810.0000019F85D1E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl0
Source: fAatfRnCZ5.exe, 00000008.00000003.1663983427.0000019F85848000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1666325561.0000019F85849000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1671380365.0000019F85853000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8581E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660858920.0000019F85821000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663702623.0000019F85847000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.accv.es/legislacion_c.htm
Source: fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662465338.0000019F85D1C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1681031810.0000019F85D1E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.accv.es/legislacion_c.htm0U
Source: fAatfRnCZ5.exe, 00000008.00000003.1663983427.0000019F85848000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1666325561.0000019F85849000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1671380365.0000019F85853000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660858920.0000019F85821000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663702623.0000019F85847000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.accv.es/legislacion_c.htmbb
Source: fAatfRnCZ5.exe, 00000008.00000003.1663983427.0000019F85848000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1666325561.0000019F85849000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1671380365.0000019F85853000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8581E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662465338.0000019F85D1C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660858920.0000019F85821000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1681031810.0000019F85D1E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663702623.0000019F85847000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.accv.es00
Source: Qt5Gui.dll.5.drString found in binary or memory: http://www.aiim.org/pdfa/ns/id/
Source: fAatfRnCZ5.exe, 00000008.00000003.1661376493.0000019F85D20000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.cert.fnmt.es/dpcs/
Source: fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.cert.fnmt.es/dpcs/B
Source: Qt5Gui.dll.5.drString found in binary or memory: http://www.color.org)
Source: fAatfRnCZ5.exe, 00000008.00000003.1661479370.0000019F85445000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664182590.0000019F85446000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662605766.0000019F85D45000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1673739995.0000019F85447000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663499334.0000019F85445000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662411451.0000019F85D36000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662325438.0000019F85D2B000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660411898.0000019F85444000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661376493.0000019F85D20000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.firmaprofesional.com/cps0
Source: fAatfRnCZ5.exe, 00000005.00000003.1275146697.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1520789489.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1520789489.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1520737480.0000022DCC6A9000.00000004.00000020.00020000.00000000.sdmp, qsplashscreen.sip.5.dr, qtoolbar.sip.5.dr, qmediacontainercontrol.sip.5.dr, QtSvg.pyi.5.dr, qgeoserviceprovider.sip.5.dr, qcameraviewfindersettingscontrol.sip.5.dr, QtDBus.pyi.5.dr, qgraphicsproxywidget.sip.5.dr, qstylefactory.sip.5.dr, qnetworkconfigmanager.sip.5.dr, qcameracontrol.sip.5.dr, qmediacontrol.sip.5.dr, qplaceicon.sip.5.dr, qgeorouterequest.sip.5.dr, qgraphicsanchorlayout.sip.5.dr, qwidget.sip.5.dr, qhelpfilterengine.sip.5.drString found in binary or memory: http://www.gnu.org/copyleft/gpl.html.
Source: TabBar.qml.5.dr, ProgressBar.qml.5.dr, SpinBoxSpecifics.qml.5.dr, RoundButtonSpecifics.qml.5.dr, CheckBoxSpecifics.qml.5.dr, StackViewSpecifics.qml.5.dr, ToolButton.qml2.5.dr, DialSpecifics.qml.5.dr, MenuItem.qml0.5.dr, GroupBox.qml.5.dr, ToolBarSpecifics.qml.5.dr, SwipeView.qml0.5.dr, PaneSection.qml.5.dr, SpinBox.qml1.5.dr, ContainerSection.qml.5.dr, PaneSpecifics.qml.5.dr, RangeSliderSpecifics.qml.5.dr, ScrollBar.qml1.5.dr, ToolSeparatorSpecifics.qml.5.dr, Slider.qml0.5.dr, ControlSection.qml.5.drString found in binary or memory: http://www.gnu.org/licenses/gpl-2.0.html.
Source: fAatfRnCZ5.exe, 00000008.00000003.1670947676.0000019F858AE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670763461.0000019F858AD000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8587B000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1669314893.0000019F8588D000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660067514.0000019F85881000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F85887000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-6
Source: fAatfRnCZ5.exeString found in binary or memory: http://www.opensource.org/licenses/mit-license.ph
Source: fAatfRnCZ5.exeString found in binary or memory: http://www.opensource.org/licenses/mit-license.php.B
Source: fAatfRnCZ5.exe, 00000005.00000003.1325389171.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1313513558.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.openssl.org/V
Source: fAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.openstreetmap.org/copyright
Source: TabBar.qml.5.dr, ProgressBar.qml.5.dr, SpinBoxSpecifics.qml.5.dr, RoundButtonSpecifics.qml.5.dr, CheckBoxSpecifics.qml.5.dr, StackViewSpecifics.qml.5.dr, ToolButton.qml2.5.dr, DialSpecifics.qml.5.dr, MenuItem.qml0.5.dr, GroupBox.qml.5.dr, ToolBarSpecifics.qml.5.dr, SwipeView.qml0.5.dr, PaneSection.qml.5.dr, SpinBox.qml1.5.dr, ContainerSection.qml.5.dr, PaneSpecifics.qml.5.dr, RangeSliderSpecifics.qml.5.dr, ScrollBar.qml1.5.dr, ToolSeparatorSpecifics.qml.5.dr, Slider.qml0.5.dr, ControlSection.qml.5.drString found in binary or memory: http://www.qt.io/contact-us.
Source: TabBar.qml.5.dr, ProgressBar.qml.5.dr, SpinBoxSpecifics.qml.5.dr, RoundButtonSpecifics.qml.5.dr, CheckBoxSpecifics.qml.5.dr, StackViewSpecifics.qml.5.dr, ToolButton.qml2.5.dr, DialSpecifics.qml.5.dr, MenuItem.qml0.5.dr, GroupBox.qml.5.dr, ToolBarSpecifics.qml.5.dr, SwipeView.qml0.5.dr, PaneSection.qml.5.dr, SpinBox.qml1.5.dr, ContainerSection.qml.5.dr, PaneSpecifics.qml.5.dr, RangeSliderSpecifics.qml.5.dr, ScrollBar.qml1.5.dr, ToolSeparatorSpecifics.qml.5.dr, Slider.qml0.5.dr, ControlSection.qml.5.drString found in binary or memory: http://www.qt.io/licensing/
Source: TabBar.qml.5.dr, ProgressBar.qml.5.dr, SpinBoxSpecifics.qml.5.dr, RoundButtonSpecifics.qml.5.dr, CheckBoxSpecifics.qml.5.dr, StackViewSpecifics.qml.5.dr, ToolButton.qml2.5.dr, DialSpecifics.qml.5.dr, MenuItem.qml0.5.dr, GroupBox.qml.5.dr, ToolBarSpecifics.qml.5.dr, SwipeView.qml0.5.dr, PaneSection.qml.5.dr, SpinBox.qml1.5.dr, ContainerSection.qml.5.dr, PaneSpecifics.qml.5.dr, RangeSliderSpecifics.qml.5.dr, ScrollBar.qml1.5.dr, ToolSeparatorSpecifics.qml.5.dr, Slider.qml0.5.dr, ControlSection.qml.5.drString found in binary or memory: http://www.qt.io/terms-conditions.
Source: fAatfRnCZ5.exe, 00000008.00000002.1680825218.0000019F85CEB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.quovadisglobal.com/cps
Source: fAatfRnCZ5.exe, 00000008.00000003.1662490950.0000019F859F2000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659601664.0000019F859F2000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1591153575.0000019F859F2000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662632015.0000019F859FB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.quovadisglobal.com/cps0
Source: fAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.thunderforest.com/
Source: fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F859BE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661479370.0000019F85445000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664182590.0000019F85446000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663499334.0000019F85445000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1672809552.0000019F85475000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1674732808.0000019F85475000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1671660409.0000019F85475000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665091492.0000019F85472000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660411898.0000019F85444000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1673739995.0000019F85475000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://wwwsearch.sf.net/):
Source: fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.mapbox.com/directions/v5/mapbox/
Source: fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.mapbox.com/geocoding/v5/mapbox.places-permanent/
Source: fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.mapbox.com/geocoding/v5/mapbox.places/
Source: qtlocation_ko.qm.5.drString found in binary or memory: https://developer.here.com
Source: qtlocation_ko.qm.5.dr, qtlocation_pl.qm.5.drString found in binary or memory: https://developer.here.com/
Source: qtlocation_pl.qm.5.drString found in binary or memory: https://developers.arcgis.com/authentication/accessing-arcgis-online-services/
Source: fAatfRnCZ5.exe, 00000008.00000002.1676989473.0000019F84CA0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.ExecutionLoader.get_filename
Source: fAatfRnCZ5.exe, 00000008.00000002.1676989473.0000019F84D2C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.InspectLoader.get_code
Source: fAatfRnCZ5.exe, 00000008.00000002.1676989473.0000019F84CA0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.InspectLoader.get_source
Source: fAatfRnCZ5.exe, 00000008.00000002.1676989473.0000019F84D2C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.InspectLoader.is_package
Source: fAatfRnCZ5.exe, 00000008.00000002.1676989473.0000019F84D2C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.Loader.create_module
Source: fAatfRnCZ5.exe, 00000008.00000002.1676989473.0000019F84D2C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.Loader.exec_module
Source: fAatfRnCZ5.exe, 00000008.00000002.1676989473.0000019F84CA0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.MetaPathFinder.invalidate_caches
Source: fAatfRnCZ5.exe, 00000008.00000002.1676989473.0000019F84D2C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.PathEntryFinder.find_spec
Source: fAatfRnCZ5.exe, 00000008.00000003.1663399635.0000019F8349C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1676771227.0000019F8349F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664931068.0000019F8349F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.ResourceLoader.get_data
Source: fAatfRnCZ5.exe, 00000008.00000002.1677928890.0000019F85600000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://foss.heptapod.net/pypy/pypy/-/issues/3539
Source: fAatfRnCZ5.exe, 00000008.00000003.1660411898.0000019F85444000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/Ousret/charset_normalizer
Source: fAatfRnCZ5.exe, 00000008.00000003.1673113029.0000019F834C5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663399635.0000019F8349C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665244746.0000019F834C2000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1669937331.0000019F834C5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1676771227.0000019F8349F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664931068.0000019F8349F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/Unidata/MetPy/blob/a3424de66a44bf3a92b0dcacf4dff82ad7b86712/src/metpy/plots/wx_sy
Source: fAatfRnCZ5.exe, 00000008.00000002.1682329239.0000019F86200000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/psf/requests/pull/6710
Source: fAatfRnCZ5.exe, 00000008.00000002.1676989473.0000019F84D2C000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/cpython/blob/3.9/Lib/importlib/_bootstrap_external.py#L679-L688
Source: fAatfRnCZ5.exe, 00000008.00000003.1664931068.0000019F8349F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/abc.py
Source: fAatfRnCZ5.exe, 00000008.00000003.1673113029.0000019F834C5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663399635.0000019F8349C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665244746.0000019F834C2000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1669937331.0000019F834C5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1676771227.0000019F8349F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664931068.0000019F8349F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/reader
Source: fAatfRnCZ5.exe, 00000008.00000003.1673113029.0000019F834C5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663399635.0000019F8349C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665244746.0000019F834C2000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1669937331.0000019F834C5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1676771227.0000019F8349F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664931068.0000019F8349F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/tensorflow/datasets/blob/master/tensorflow_datasets/core/utils/resource_utils.py#
Source: fAatfRnCZ5.exe, 00000008.00000002.1677928890.0000019F85600000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/urllib3/urllib3/issues/2192#issuecomment-821832963
Source: fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8587B000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1669314893.0000019F8588D000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660067514.0000019F85881000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F85887000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670947676.0000019F8589D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/urllib3/urllib3/issues/2513#issuecomment-1152559900.
Source: fAatfRnCZ5.exe, 00000008.00000002.1680213064.0000019F85A60000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/urllib3/urllib3/issues/2920
Source: fAatfRnCZ5.exe, 00000008.00000002.1680213064.0000019F85A60000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/urllib3/urllib3/issues/2920u
Source: fAatfRnCZ5.exe, 00000008.00000002.1680350376.0000019F85B74000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/urllib3/urllib3/issues/3290
Source: fAatfRnCZ5.exe, 00000008.00000002.1680350376.0000019F85B74000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/urllib3/urllib3/issues/3290ib3
Source: fAatfRnCZ5.exe, 00000008.00000003.1660858920.0000019F85821000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660411898.0000019F85444000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663702623.0000019F85847000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://google.com/
Source: fAatfRnCZ5.exe, 00000008.00000003.1663983427.0000019F85848000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8581E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660858920.0000019F85821000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663702623.0000019F85847000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://google.com/mail
Source: fAatfRnCZ5.exe, 00000008.00000002.1678262330.0000019F8580A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://google.com/mail/
Source: fAatfRnCZ5.exe, 00000008.00000003.1663773281.0000019F854DF000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660357531.0000019F854B1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1589084054.0000019F85473000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590588964.0000019F854A4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661240960.0000019F854B3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1667863566.0000019F854E0000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1671246957.0000019F854E1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670803702.0000019F854E0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://html.spec.whatwg.org/multipage/
Source: fAatfRnCZ5.exe, 00000008.00000003.1660411898.0000019F85444000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://httpbin.org/
Source: fAatfRnCZ5.exe, 00000008.00000003.1660162436.0000019F8599C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1667863566.0000019F854CE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660067514.0000019F85881000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1680035348.0000019F859C5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1591311493.0000019F859C6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F85887000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1673305894.0000019F854D5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1675285686.0000019F854DA000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1674805323.0000019F8589B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://httpbin.org/get
Source: fAatfRnCZ5.exe, 00000008.00000003.1673305894.0000019F854CD000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660357531.0000019F854B1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1589084054.0000019F85473000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590588964.0000019F854A4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665432617.0000019F854BB000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664775421.0000019F854B5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661240960.0000019F854B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://httpbin.org/post
Source: fAatfRnCZ5.exe, 00000008.00000003.1663702623.0000019F85847000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670803702.0000019F854E0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://json.org
Source: fAatfRnCZ5.exe, 00000008.00000003.1663983427.0000019F85848000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1666325561.0000019F85849000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1671417255.0000019F85851000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8581E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660858920.0000019F85821000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663702623.0000019F85847000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://mahler:8092/site-updates.py
Source: fAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nominatim.openstreetmap.org
Source: fAatfRnCZ5.exe, 00000008.00000002.1678097866.0000019F85700000.00000004.00001000.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1680350376.0000019F85B74000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://packaging.python.org/specifications/entry-points/
Source: fAatfRnCZ5.exe, 00000008.00000002.1684979288.00007FF820ECF000.00000002.00000001.01000000.00000005.sdmpString found in binary or memory: https://python.org/dev/peps/pep-0263/
Source: fAatfRnCZ5.exe, 00000008.00000003.1673305894.0000019F854CD000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660357531.0000019F854B1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1589084054.0000019F85473000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590588964.0000019F854A4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665432617.0000019F854BB000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664775421.0000019F854B5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661240960.0000019F854B3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1682107300.0000019F86148000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://requests.readthedocs.io
Source: fAatfRnCZ5.exe, 00000008.00000003.1670660503.0000019F834CB000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663399635.0000019F8349C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665827579.0000019F834CA000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665244746.0000019F834C2000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664931068.0000019F8349F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/rfc2388#section-4.4
Source: fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8581E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660858920.0000019F85821000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660411898.0000019F85444000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://twitter.com/
Source: fAatfRnCZ5.exe, 00000008.00000003.1589149792.0000019F85973000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1678097866.0000019F85700000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#https-proxy-error-http-proxy
Source: fAatfRnCZ5.exe, 00000008.00000002.1680213064.0000019F85A60000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#tls-warnings
Source: fAatfRnCZ5.exe, 00000008.00000002.1680213064.0000019F85A60000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#tls-warningsp
Source: fAatfRnCZ5.exe, 00000008.00000002.1677235236.0000019F851C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://viltrac.com/wp-content/uploads/2024/11/NeighborResolve_nopump.exe
Source: fAatfRnCZ5.exe, 00000008.00000002.1677235236.0000019F851C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://viltrac.com/wp-content/uploads/2024/11/NeighborResolve_nopump.exe6A0
Source: fAatfRnCZ5.exe, 00000008.00000002.1682329239.0000019F86220000.00000004.00001000.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1677235236.0000019F851C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://viltrac.com/wp-content/uploads/2024/11/slimo-qt.exe
Source: fAatfRnCZ5.exe, 00000008.00000002.1682329239.0000019F86220000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://viltrac.com/wp-content/uploads/2024/11/slimo-qt.exe0c
Source: fAatfRnCZ5.exe, 00000008.00000002.1677235236.0000019F851C0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://viltrac.com/wp-content/uploads/2024/11/slimo-qt.exeyc0
Source: fAatfRnCZ5.exe, 00000005.00000003.1303191765.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329184577.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302396619.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329542475.0000022DCC67C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1299787623.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301285335.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326067624.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1296426483.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1295258895.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300325743.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1335286752.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1302735029.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1326482601.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1330992237.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358159682.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1329694125.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1301885870.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1300125457.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1303463975.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.digicert.com/CPS0
Source: fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1435031821.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC673000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1435031821.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, GaugeStyle.qml.5.dr, FocusFrameStyle.qml.5.dr, RadioButtonStyle.qml.5.drString found in binary or memory: https://www.gnu.org/licenses/gpl-2.0.html
Source: fAatfRnCZ5.exe, 00000005.00000003.1360914060.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1372679416.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1375574785.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1359690217.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1363872794.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1435031821.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1373137252.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1373769208.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1364221625.0000022DCC676000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361673361.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1377554287.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1363723122.0000022DCC676000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1372988791.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC673000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361147675.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1365096461.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358423351.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361998297.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358685730.0000022DCC674000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.gnu.org/licenses/gpl-3.0.html.
Source: fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1435031821.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC673000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1435031821.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, GaugeStyle.qml.5.dr, FocusFrameStyle.qml.5.dr, RadioButtonStyle.qml.5.drString found in binary or memory: https://www.gnu.org/licenses/lgpl-3.0.html.
Source: TabBar.qml.5.dr, ProgressBar.qml.5.dr, SpinBoxSpecifics.qml.5.dr, RoundButtonSpecifics.qml.5.dr, CheckBoxSpecifics.qml.5.dr, StackViewSpecifics.qml.5.dr, ToolButton.qml2.5.dr, DialSpecifics.qml.5.dr, MenuItem.qml0.5.dr, GroupBox.qml.5.dr, ToolBarSpecifics.qml.5.dr, SwipeView.qml0.5.dr, PaneSection.qml.5.dr, SpinBox.qml1.5.dr, ContainerSection.qml.5.dr, PaneSpecifics.qml.5.dr, RangeSliderSpecifics.qml.5.dr, ScrollBar.qml1.5.dr, ToolSeparatorSpecifics.qml.5.dr, Slider.qml0.5.dr, ControlSection.qml.5.drString found in binary or memory: https://www.gnu.org/licenses/lgpl.html.
Source: qtlocation_pl.qm.5.drString found in binary or memory: https://www.mapbox.com
Source: qtlocation_pl.qm.5.drString found in binary or memory: https://www.mapbox.com.
Source: fAatfRnCZ5.exe, 00000005.00000003.1314046584.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1312342279.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1686913874.00007FF8329CB000.00000002.00000001.01000000.0000000B.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpString found in binary or memory: https://www.openssl.org/H
Source: fAatfRnCZ5.exe, 00000008.00000003.1673305894.0000019F854CD000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660357531.0000019F854B1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1589084054.0000019F85473000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590588964.0000019F854A4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665432617.0000019F854BB000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664775421.0000019F854B5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661240960.0000019F854B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.python.org
Source: fAatfRnCZ5.exe, 00000008.00000003.1663983427.0000019F85848000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1666325561.0000019F85849000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1671417255.0000019F85851000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8581E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660858920.0000019F85821000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663702623.0000019F85847000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.python.org/
Source: fAatfRnCZ5.exe, 00000008.00000003.1587218424.0000019F8546A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1587112242.0000019F85401000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1678097866.0000019F85700000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.python.org/dev/peps/pep-0205/
Source: fAatfRnCZ5.exe, 00000008.00000002.1676989473.0000019F84CA0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.python.org/download/releases/2.3/mro/.
Source: fAatfRnCZ5.exe, 00000005.00000003.1360914060.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1372679416.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1375574785.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1359690217.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1363872794.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1435031821.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1373137252.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1373769208.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1364221625.0000022DCC676000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361673361.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1377554287.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1363723122.0000022DCC676000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1372988791.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC673000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361147675.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1365096461.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358423351.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361998297.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358685730.0000022DCC674000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.qt.io/contact-us.
Source: fAatfRnCZ5.exe, 00000005.00000003.1360914060.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1372679416.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1375574785.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1359690217.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1363872794.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1435031821.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1373137252.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1373769208.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1364221625.0000022DCC676000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361673361.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1377554287.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1363723122.0000022DCC676000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1372988791.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC673000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361147675.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1365096461.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358423351.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361998297.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358685730.0000022DCC674000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.qt.io/licensing/
Source: fAatfRnCZ5.exe, 00000005.00000003.1360914060.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1372679416.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1375574785.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1359690217.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1363872794.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1435031821.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1373137252.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1373769208.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1364221625.0000022DCC676000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361673361.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1377554287.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1363723122.0000022DCC676000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1372988791.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC673000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361147675.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1365096461.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358423351.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361998297.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358685730.0000022DCC674000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.qt.io/terms-conditions.
Source: fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8581E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663983427.0000019F85825000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660858920.0000019F85821000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665271905.0000019F85846000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.rfc-editor.org/rfc/rfc8259#section-8.1
Source: fAatfRnCZ5.exe, 00000008.00000003.1662605766.0000019F85D45000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1674406232.0000019F85D48000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662411451.0000019F85D36000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1681227721.0000019F85D48000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662325438.0000019F85D2B000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661376493.0000019F85D20000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://wwww.certigna.fr/autorites/
Source: fAatfRnCZ5.exe, 00000008.00000003.1661644262.0000019F85D53000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663013189.0000019F85D5A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1681265521.0000019F85D5A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661376493.0000019F85D20000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662077369.0000019F85D54000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://wwww.certigna.fr/autorites/0m
Source: fAatfRnCZ5.exe, 00000008.00000003.1663983427.0000019F85848000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8581E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660858920.0000019F85821000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663702623.0000019F85847000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://yahoo.com/
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: SetConsoleCtrlHandler,GetStartupInfoW,GetCommandLineW,CreateProcessW,GetLastError,RegisterClassW,GetLastError,CreateWindowExW,GetLastError,ShowWindow,WaitForSingleObject,GetLastError,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,WaitForSingleObject,WaitForSingleObject,TerminateProcess,GetLastError,WaitForSingleObject,QueryPerformanceFrequency,QueryPerformanceCounter,MsgWaitForMultipleObjects,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,QueryPerformanceCounter,GetMessageW,TranslateMessage,DispatchMessageW,DestroyWindow,GetExitCodeProcess,CloseHandle,CloseHandle, LOADER: creating hidden window to capture system shutdown events...5_2_00007FF6517497F0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: SetConsoleCtrlHandler,GetStartupInfoW,GetCommandLineW,CreateProcessW,GetLastError,RegisterClassW,GetLastError,CreateWindowExW,GetLastError,ShowWindow,WaitForSingleObject,GetLastError,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,WaitForSingleObject,WaitForSingleObject,TerminateProcess,GetLastError,WaitForSingleObject,QueryPerformanceFrequency,QueryPerformanceCounter,MsgWaitForMultipleObjects,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,QueryPerformanceCounter,GetMessageW,TranslateMessage,DispatchMessageW,DestroyWindow,GetExitCodeProcess,CloseHandle,CloseHandle, LOADER: handling console shutdown - giving the child %d ms to exit...5_2_00007FF6517497F0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: SetConsoleCtrlHandler,GetStartupInfoW,GetCommandLineW,CreateProcessW,GetLastError,RegisterClassW,GetLastError,CreateWindowExW,GetLastError,ShowWindow,WaitForSingleObject,GetLastError,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,WaitForSingleObject,WaitForSingleObject,TerminateProcess,GetLastError,WaitForSingleObject,QueryPerformanceFrequency,QueryPerformanceCounter,MsgWaitForMultipleObjects,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,QueryPerformanceCounter,GetMessageW,TranslateMessage,DispatchMessageW,DestroyWindow,GetExitCodeProcess,CloseHandle,CloseHandle, LOADER: received console shutdown event - exiting the wait loop!5_2_00007FF6517497F0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: SetConsoleCtrlHandler,GetStartupInfoW,GetCommandLineW,CreateProcessW,GetLastError,RegisterClassW,GetLastError,CreateWindowExW,GetLastError,ShowWindow,WaitForSingleObject,GetLastError,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,WaitForSingleObject,WaitForSingleObject,TerminateProcess,GetLastError,WaitForSingleObject,QueryPerformanceFrequency,QueryPerformanceCounter,MsgWaitForMultipleObjects,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,QueryPerformanceCounter,GetMessageW,TranslateMessage,DispatchMessageW,DestroyWindow,GetExitCodeProcess,CloseHandle,CloseHandle, LOADER: received session shutdown signal via WM_QUERYENDSESSION; waiting for WM_ENDSESSION...5_2_00007FF6517497F0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: SetConsoleCtrlHandler,GetStartupInfoW,GetCommandLineW,CreateProcessW,GetLastError,RegisterClassW,GetLastError,CreateWindowExW,GetLastError,ShowWindow,WaitForSingleObject,GetLastError,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,WaitForSingleObject,WaitForSingleObject,TerminateProcess,GetLastError,WaitForSingleObject,QueryPerformanceFrequency,QueryPerformanceCounter,MsgWaitForMultipleObjects,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,QueryPerformanceCounter,GetMessageW,TranslateMessage,DispatchMessageW,DestroyWindow,GetExitCodeProcess,CloseHandle,CloseHandle, LOADER: creating hidden window to capture system shutdown events...8_2_00007FF6517497F0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: SetConsoleCtrlHandler,GetStartupInfoW,GetCommandLineW,CreateProcessW,GetLastError,RegisterClassW,GetLastError,CreateWindowExW,GetLastError,ShowWindow,WaitForSingleObject,GetLastError,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,WaitForSingleObject,WaitForSingleObject,TerminateProcess,GetLastError,WaitForSingleObject,QueryPerformanceFrequency,QueryPerformanceCounter,MsgWaitForMultipleObjects,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,QueryPerformanceCounter,GetMessageW,TranslateMessage,DispatchMessageW,DestroyWindow,GetExitCodeProcess,CloseHandle,CloseHandle, LOADER: handling console shutdown - giving the child %d ms to exit...8_2_00007FF6517497F0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: SetConsoleCtrlHandler,GetStartupInfoW,GetCommandLineW,CreateProcessW,GetLastError,RegisterClassW,GetLastError,CreateWindowExW,GetLastError,ShowWindow,WaitForSingleObject,GetLastError,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,WaitForSingleObject,WaitForSingleObject,TerminateProcess,GetLastError,WaitForSingleObject,QueryPerformanceFrequency,QueryPerformanceCounter,MsgWaitForMultipleObjects,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,QueryPerformanceCounter,GetMessageW,TranslateMessage,DispatchMessageW,DestroyWindow,GetExitCodeProcess,CloseHandle,CloseHandle, LOADER: received console shutdown event - exiting the wait loop!8_2_00007FF6517497F0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: SetConsoleCtrlHandler,GetStartupInfoW,GetCommandLineW,CreateProcessW,GetLastError,RegisterClassW,GetLastError,CreateWindowExW,GetLastError,ShowWindow,WaitForSingleObject,GetLastError,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,WaitForSingleObject,WaitForSingleObject,TerminateProcess,GetLastError,WaitForSingleObject,QueryPerformanceFrequency,QueryPerformanceCounter,MsgWaitForMultipleObjects,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,QueryPerformanceCounter,GetMessageW,TranslateMessage,DispatchMessageW,DestroyWindow,GetExitCodeProcess,CloseHandle,CloseHandle, LOADER: received session shutdown signal via WM_QUERYENDSESSION; waiting for WM_ENDSESSION...8_2_00007FF6517497F0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF651766A905_2_00007FF651766A90
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF65174B16B5_2_00007FF65174B16B
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF6517677F45_2_00007FF6517677F4
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF6517497F05_2_00007FF6517497F0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF6517410005_2_00007FF651741000
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF65174B3045_2_00007FF65174B304
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF651753AA05_2_00007FF651753AA0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF651764AA05_2_00007FF651764AA0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF6517672A85_2_00007FF6517672A8
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF6517617585_2_00007FF651761758
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF6517529E05_2_00007FF6517529E0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF651766D0C5_2_00007FF651766D0C
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF65175AD305_2_00007FF65175AD30
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF651756BC05_2_00007FF651756BC0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF651752BE45_2_00007FF651752BE4
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF65175F4005_2_00007FF65175F400
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF6517544305_2_00007FF651754430
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF65174BB3D5_2_00007FF65174BB3D
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF6517627045_2_00007FF651762704
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF65174A6905_2_00007FF65174A690
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF65176A5B85_2_00007FF65176A5B8
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF6517525D05_2_00007FF6517525D0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF651752DF05_2_00007FF651752DF0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF6517596245_2_00007FF651759624
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF65175ED805_2_00007FF65175ED80
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF65175E8EC5_2_00007FF65175E8EC
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF6517527D45_2_00007FF6517527D4
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF651752FF45_2_00007FF651752FF4
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF6517548345_2_00007FF651754834
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF651764F3C5_2_00007FF651764F3C
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF6517617585_2_00007FF651761758
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF651758F745_2_00007FF651758F74
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF6517677F48_2_00007FF6517677F4
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF6517410008_2_00007FF651741000
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF65174B3048_2_00007FF65174B304
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF651766A908_2_00007FF651766A90
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF651753AA08_2_00007FF651753AA0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF651764AA08_2_00007FF651764AA0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF6517672A88_2_00007FF6517672A8
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF6517617588_2_00007FF651761758
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF6517529E08_2_00007FF6517529E0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF65174B16B8_2_00007FF65174B16B
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF651766D0C8_2_00007FF651766D0C
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF65175AD308_2_00007FF65175AD30
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF651756BC08_2_00007FF651756BC0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF651752BE48_2_00007FF651752BE4
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF65175F4008_2_00007FF65175F400
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF6517544308_2_00007FF651754430
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF65174BB3D8_2_00007FF65174BB3D
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF6517627048_2_00007FF651762704
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF65174A6908_2_00007FF65174A690
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF65176A5B88_2_00007FF65176A5B8
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF6517525D08_2_00007FF6517525D0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF651752DF08_2_00007FF651752DF0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF6517596248_2_00007FF651759624
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF65175ED808_2_00007FF65175ED80
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF65175E8EC8_2_00007FF65175E8EC
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF6517527D48_2_00007FF6517527D4
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF651752FF48_2_00007FF651752FF4
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF6517497F08_2_00007FF6517497F0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF6517548348_2_00007FF651754834
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF651764F3C8_2_00007FF651764F3C
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF6517617588_2_00007FF651761758
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF651758F748_2_00007FF651758F74
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8207118608_2_00007FF820711860
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208326EE8_2_00007FF8208326EE
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820836D5C8_2_00007FF820836D5C
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8209E61008_2_00007FF8209E6100
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208323018_2_00007FF820832301
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208312178_2_00007FF820831217
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820831A508_2_00007FF820831A50
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208336348_2_00007FF820833634
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820836EBF8_2_00007FF820836EBF
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820836FFF8_2_00007FF820836FFF
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083318E8_2_00007FF82083318E
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82095E5F08_2_00007FF82095E5F0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8209725D08_2_00007FF8209725D0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208310AA8_2_00007FF8208310AA
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208365A08_2_00007FF8208365A0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208344088_2_00007FF820834408
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083144C8_2_00007FF82083144C
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820834E538_2_00007FF820834E53
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208344CB8_2_00007FF8208344CB
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208368CA8_2_00007FF8208368CA
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8209EA9008_2_00007FF8209EA900
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208353AD8_2_00007FF8208353AD
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208323F68_2_00007FF8208323F6
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820835DA38_2_00007FF820835DA3
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820835F108_2_00007FF820835F10
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820833A948_2_00007FF820833A94
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820834D098_2_00007FF820834D09
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208365648_2_00007FF820836564
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208312998_2_00007FF820831299
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208315C88_2_00007FF8208315C8
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208354CF8_2_00007FF8208354CF
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820912CD08_2_00007FF820912CD0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820831B278_2_00007FF820831B27
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820972C008_2_00007FF820972C00
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208354348_2_00007FF820835434
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208353C68_2_00007FF8208353C6
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083213A8_2_00007FF82083213A
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208321718_2_00007FF820832171
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82084EF008_2_00007FF82084EF00
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820834F438_2_00007FF820834F43
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8209EB0E08_2_00007FF8209EB0E0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083638E8_2_00007FF82083638E
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8209D30108_2_00007FF8209D3010
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82084F0608_2_00007FF82084F060
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820836EF18_2_00007FF820836EF1
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82085B1C08_2_00007FF82085B1C0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208350B08_2_00007FF8208350B0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083114F8_2_00007FF82083114F
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208372578_2_00007FF820837257
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208329878_2_00007FF820832987
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82084F2008_2_00007FF82084F200
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208338378_2_00007FF820833837
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208326718_2_00007FF820832671
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820833BA78_2_00007FF820833BA7
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8209674808_2_00007FF820967480
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820832D108_2_00007FF820832D10
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82085B5508_2_00007FF82085B550
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208337928_2_00007FF820833792
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083435E8_2_00007FF82083435E
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820831B368_2_00007FF820831B36
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083474B8_2_00007FF82083474B
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8209677808_2_00007FF820967780
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208357D68_2_00007FF8208357D6
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82089F7008_2_00007FF82089F700
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083348B8_2_00007FF82083348B
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208336988_2_00007FF820833698
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083707C8_2_00007FF82083707C
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083416A8_2_00007FF82083416A
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820835A658_2_00007FF820835A65
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820963CC08_2_00007FF820963CC0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820831CC68_2_00007FF820831CC6
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82084BD608_2_00007FF82084BD60
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208360DC8_2_00007FF8208360DC
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820835E258_2_00007FF820835E25
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82084BF208_2_00007FF82084BF20
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208341068_2_00007FF820834106
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820835B788_2_00007FF820835B78
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8209D41708_2_00007FF8209D4170
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820835B148_2_00007FF820835B14
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820832C7A8_2_00007FF820832C7A
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82084C4808_2_00007FF82084C480
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208E04408_2_00007FF8208E0440
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208372C58_2_00007FF8208372C5
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208325F48_2_00007FF8208325F4
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208346388_2_00007FF820834638
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208321448_2_00007FF820832144
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208369E78_2_00007FF8208369E7
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82084C6208_2_00007FF82084C620
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82096C6608_2_00007FF82096C660
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083177B8_2_00007FF82083177B
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820836C218_2_00007FF820836C21
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208329D28_2_00007FF8208329D2
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820836CBC8_2_00007FF820836CBC
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820834B5B8_2_00007FF820834B5B
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083516E8_2_00007FF82083516E
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820835D8A8_2_00007FF820835D8A
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820832D798_2_00007FF820832D79
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8209689608_2_00007FF820968960
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820833B988_2_00007FF820833B98
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820834A598_2_00007FF820834A59
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208359348_2_00007FF820835934
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083704A8_2_00007FF82083704A
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820831EA68_2_00007FF820831EA6
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820836F288_2_00007FF820836F28
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208321BC8_2_00007FF8208321BC
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208311408_2_00007FF820831140
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208322ED8_2_00007FF8208322ED
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208360A08_2_00007FF8208360A0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820A70E008_2_00007FF820A70E00
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820833FDF8_2_00007FF820833FDF
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083655F8_2_00007FF82083655F
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820831F9B8_2_00007FF820831F9B
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8209D50B08_2_00007FF8209D50B0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083710D8_2_00007FF82083710D
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820836A878_2_00007FF820836A87
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820835BF58_2_00007FF820835BF5
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8209691308_2_00007FF820969130
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8209E91008_2_00007FF8209E9100
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208552008_2_00007FF820855200
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208330C68_2_00007FF8208330C6
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82084D2608_2_00007FF82084D260
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208355158_2_00007FF820835515
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083228E8_2_00007FF82083228E
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8209614908_2_00007FF820961490
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208356148_2_00007FF820835614
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083428C8_2_00007FF82083428C
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208332EC8_2_00007FF8208332EC
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083276B8_2_00007FF82083276B
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820834C3C8_2_00007FF820834C3C
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820832E918_2_00007FF820832E91
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820834ACA8_2_00007FF820834ACA
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083504C8_2_00007FF82083504C
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208354D48_2_00007FF8208354D4
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8209717608_2_00007FF820971760
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208314248_2_00007FF820831424
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8209E99D08_2_00007FF8209E99D0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208359FC8_2_00007FF8208359FC
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820833A8A8_2_00007FF820833A8A
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820831D028_2_00007FF820831D02
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208336028_2_00007FF820833602
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82095DC508_2_00007FF82095DC50
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820831D888_2_00007FF820831D88
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208316228_2_00007FF820831622
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083736A8_2_00007FF82083736A
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208372AC8_2_00007FF8208372AC
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208327618_2_00007FF820832761
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208322B18_2_00007FF8208322B1
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208311CC8_2_00007FF8208311CC
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820832FD18_2_00007FF820832FD1
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820834C198_2_00007FF820834C19
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D12AE08_2_00007FF821D12AE0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D27AA08_2_00007FF821D27AA0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D112908_2_00007FF821D11290
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D0B2708_2_00007FF821D0B270
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821CFBA008_2_00007FF821CFBA00
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D322308_2_00007FF821D32230
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821CF29D08_2_00007FF821CF29D0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D141E08_2_00007FF821D141E0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D0F9E08_2_00007FF821D0F9E0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D309A08_2_00007FF821D309A0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821CF69A08_2_00007FF821CF69A0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821CEC9408_2_00007FF821CEC940
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D294B08_2_00007FF821D294B0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D174508_2_00007FF821D17450
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D15C008_2_00007FF821D15C00
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D2F4008_2_00007FF821D2F400
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821CE5BA08_2_00007FF821CE5BA0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D31B608_2_00007FF821D31B60
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D2DB708_2_00007FF821D2DB70
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D2C3408_2_00007FF821D2C340
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821CEB3008_2_00007FF821CEB300
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821CE66C08_2_00007FF821CE66C0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D10EB08_2_00007FF821D10EB0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D2FEB08_2_00007FF821D2FEB0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D146908_2_00007FF821D14690
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D276608_2_00007FF821D27660
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821CF7E708_2_00007FF821CF7E70
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D0B6208_2_00007FF821D0B620
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D206008_2_00007FF821D20600
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D0F5D08_2_00007FF821D0F5D0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D09D908_2_00007FF821D09D90
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821CE3D608_2_00007FF821CE3D60
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821CEA5608_2_00007FF821CEA560
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D27D508_2_00007FF821D27D50
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D0C8E08_2_00007FF821D0C8E0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D208F08_2_00007FF821D208F0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821CF58F08_2_00007FF821CF58F0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D168C08_2_00007FF821D168C0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D0E0908_2_00007FF821D0E090
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D2E8608_2_00007FF821D2E860
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821CE20708_2_00007FF821CE2070
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821CE786B8_2_00007FF821CE786B
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D0A8108_2_00007FF821D0A810
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D26FC08_2_00007FF821D26FC0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821CF47508_2_00007FF821CF4750
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D16F408_2_00007FF821D16F40
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D127008_2_00007FF821D12700
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821CEDF208_2_00007FF821CEDF20
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D2B7108_2_00007FF821D2B710
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8328B3A408_2_00007FF8328B3A40
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8328C07008_2_00007FF8328C0700
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: String function: 00007FF82083698D appears 49 times
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: String function: 00007FF820833012 appears 55 times
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: String function: 00007FF82083688E appears 31 times
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: String function: 00007FF820834D6D appears 34 times
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: String function: 00007FF820832739 appears 516 times
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: String function: 00007FF820831EF6 appears 1580 times
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: String function: 00007FF820834840 appears 129 times
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: String function: 00007FF8208324BE appears 84 times
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: String function: 00007FF651742960 appears 108 times
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: String function: 00007FF82083405C appears 779 times
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: String function: 00007FF651742B70 appears 34 times
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: String function: 00007FF8328B3900 appears 59 times
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: String function: 00007FF820832A09 appears 172 times
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: String function: 00007FF651742880 appears 128 times
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: String function: 00007FF651742770 appears 192 times
Source: fAatfRnCZ5.exeBinary or memory string: OriginalFilename vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1303191765.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Sensors.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1329184577.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqico.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1325389171.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamessleay32.dllH vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1314046584.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamelibsslH vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1302396619.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5QuickTest.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1299787623.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Quick3D.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1301285335.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5QuickParticles.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1326067624.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameassimp.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1296426483.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Qml.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1295258895.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Positioning.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1300325743.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Q vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1300325743.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Quick3DRender.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1313513558.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamelibeay32.dllH vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1335286752.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtsensorgestures_plugin.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1302735029.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5QuickWidgets.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1326482601.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameuip.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1330992237.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamewmfengine.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1358159682.0000022DCC671000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtquick3dhelpersplugin.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1329694125.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtga.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1301885870.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5QuickTemplates2.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1300125457.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Quick3DAssetImport.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1303463975.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5SerialPort.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtgeoservices_mapbox.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1301099919.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5QuickControls2.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1291895191.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5MultimediaWidgets.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1312342279.0000022DCC674000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamelibcryptoH vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1332615439.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqxdgdesktopportal.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1335084337.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamegltfsceneimport.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1332952630.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtposition_positionpoll.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1307998424.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Xml.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1334340569.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameopenglrenderer.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1303769619.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Sql.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1332753580.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtmultimedia_m3u.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1305082661.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5WebView.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1329074682.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqicns.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1278710581.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Designer.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1288176084.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Multimedia.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1281715508.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Gui.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1301561365.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5QuickShapes.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1329542475.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqsvg.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1335635517.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtsensors_generic.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1331585870.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqoffscreen.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1297605749.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5QmlWorkerScript.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1334024715.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamewindowsprintersupport.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1314720731.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamemsvcp140_2.dllT vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1300647328.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Quick3DRuntimeRender.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1307776755.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5WinExtras.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1293714658.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Network.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpBinary or memory string: OriginalFilenameslimo-qt.exe6 vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1295763766.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5PrintSupport.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1357125504.0000022DCC671000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtquick3deffectplugin.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1328016924.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtgeoservices_itemsoverlay.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1314313766.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamemsvcp140.dllT vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1310839968.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1310839968.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamelibEGL.dll. vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1275357778.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Bluetooth.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1314568236.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamemsvcp140_1.dllT vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1276317774.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Core.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1333217731.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtposition_serialnmea.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1304673478.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5WebChannel.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1327037823.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtaudio_windows.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1327320991.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtuiotouchplugin.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1274867156.0000022DCC66E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamemsvcp140.dllT vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1277967235.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5DBus.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1294866397.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5OpenGL.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1327178324.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqgenericbearer.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1331254340.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqminimal.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1330824200.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtmedia_audioengine.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1303996456.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Svg.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1284949283.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Location.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1333624592.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtposition_winrt.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1327508882.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefaultgeometryloader.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1328433823.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtgeoservices_nokia.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1449810504.0000022DCC6A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedialogplugin.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1326861116.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtaudio_wasapi.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1330202784.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqwbmp.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1309354274.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameconcrt140.dllT vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1330360977.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqwebp.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1334779734.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamegltfsceneexport.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1304320104.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Test.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1327700432.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamegltfgeometryloader.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtgeoservices_osm.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1304851841.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5WebSockets.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1329330230.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqjpeg.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1284052810.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Help.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1328850664.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqsvgicon.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1330634183.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedsengine.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1466647419.0000022DCC6A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamesharedimageplugin.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1300985228.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Quick3DUtils.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1329845656.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtiff.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1294607007.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Nfc.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1297348276.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5QmlModels.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1302917868.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5RemoteObjects.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1311220214.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamelibGLESv2.dll4 vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1358362449.0000022DCC67E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtquick3dhelpersplugin.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1304532194.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5TextToSpeech.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1331865950.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqwebgl.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1325801437.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamevcruntime140_1.dllT vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC688000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedialogplugin.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1335499258.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtsensorgestures_shakeplugin.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1327844588.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtgeoservices_esri.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1295480719.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5PositioningQuick.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1325615097.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamevcruntime140.dllT vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1372281367.0000022DCC671000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtquick3dmaterialplugin.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1328961219.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqgif.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000005.00000003.1332243584.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqwindows.dll( vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exeBinary or memory string: OriginalFilename vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000008.00000002.1688451455.00007FF838B56000.00000002.00000001.01000000.00000008.sdmpBinary or memory string: OriginalFilenameselect.pyd. vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000008.00000002.1687266324.00007FF833AC2000.00000002.00000001.01000000.0000000F.sdmpBinary or memory string: OriginalFilename_bz2.pyd. vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000008.00000002.1685601597.00007FF820FD8000.00000002.00000001.01000000.00000005.sdmpBinary or memory string: OriginalFilenamepython310.dll. vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000008.00000002.1686913874.00007FF8329CB000.00000002.00000001.01000000.0000000B.sdmpBinary or memory string: OriginalFilenamelibsslH vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000008.00000002.1688966999.00007FF838B97000.00000002.00000001.01000000.00000006.sdmpBinary or memory string: OriginalFilenamevcruntime140.dllT vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000008.00000002.1688724548.00007FF838B72000.00000002.00000001.01000000.00000007.sdmpBinary or memory string: OriginalFilename_socket.pyd. vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpBinary or memory string: OriginalFilenameunicodedata.pyd. vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpBinary or memory string: OriginalFilenamelibcryptoH vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpBinary or memory string: OriginalFilenameslimo-qt.exe6 vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000008.00000002.1688160710.00007FF838B46000.00000002.00000001.01000000.0000000E.sdmpBinary or memory string: OriginalFilename_queue.pyd. vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000008.00000002.1687811373.00007FF838AAE000.00000002.00000001.01000000.0000000D.sdmpBinary or memory string: OriginalFilename_hashlib.pyd. vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000008.00000002.1686609375.00007FF832914000.00000002.00000001.01000000.00000010.sdmpBinary or memory string: OriginalFilename_lzma.pyd. vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exe, 00000008.00000002.1687544908.00007FF834285000.00000002.00000001.01000000.00000009.sdmpBinary or memory string: OriginalFilename_ssl.pyd. vs fAatfRnCZ5.exe
Source: fAatfRnCZ5.exeBinary or memory string: OriginalFilenameslimo-qt.exe6 vs fAatfRnCZ5.exe
Source: Qt5Core.dll.5.drStatic PE information: Section: .qtmimed ZLIB complexity 0.997458770800317
Source: classification engineClassification label: mal52.evad.winEXE@3/1026@1/1
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362Jump to behavior
Source: fAatfRnCZ5.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: fAatfRnCZ5.exeVirustotal: Detection: 7%
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile read: C:\Users\user\Desktop\fAatfRnCZ5.exeJump to behavior
Source: unknownProcess created: C:\Users\user\Desktop\fAatfRnCZ5.exe "C:\Users\user\Desktop\fAatfRnCZ5.exe"
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeProcess created: C:\Users\user\Desktop\fAatfRnCZ5.exe "C:\Users\user\Desktop\fAatfRnCZ5.exe"
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeProcess created: C:\Users\user\Desktop\fAatfRnCZ5.exe "C:\Users\user\Desktop\fAatfRnCZ5.exe"Jump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: version.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: vcruntime140.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: python3.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: libcrypto-1_1.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: libssl-1_1.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile opened: C:\Users\user\Desktop\pyvenv.cfgJump to behavior
Source: fAatfRnCZ5.exeStatic PE information: Image base 0x140000000 > 0x60000000
Source: fAatfRnCZ5.exeStatic file information: File size 58294217 > 1048576
Source: fAatfRnCZ5.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
Source: fAatfRnCZ5.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
Source: fAatfRnCZ5.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
Source: fAatfRnCZ5.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: fAatfRnCZ5.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
Source: fAatfRnCZ5.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
Source: fAatfRnCZ5.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
Source: fAatfRnCZ5.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\mediaservice\qtmedia_audioengine.pdb++ source: fAatfRnCZ5.exe, 00000005.00000003.1330824200.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsvg\plugins\imageformats\qsvg.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1329542475.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsensors\plugins\sensorgestures\qtsensorgestures_plugin.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1335286752.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsvg\plugins\iconengines\qsvgicon.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1328850664.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\geoservices\qtgeoservices_itemsoverlay.pdb!! source: fAatfRnCZ5.exe, 00000005.00000003.1328016924.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\position\qtposition_serialnmea.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1333217731.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\generic\qtuiotouchplugin.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1327320991.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtserialport\lib\Qt5SerialPort.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1303463975.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\audio\qtaudio_wasapi.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1326861116.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_lzma.pdbMM source: fAatfRnCZ5.exe, 00000008.00000002.1686323668.00007FF83290B000.00000002.00000001.01000000.00000010.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\imageformats\qico.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1329184577.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\position\qtposition_positionpoll.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1332952630.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\mediaservice\qtmedia_audioengine.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1330824200.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtquick3d\qml\QtQuick3D\Effects\qtquick3deffectplugin.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1357125504.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\position\qtposition_winrt.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1333624592.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsensors\plugins\sensors\qtsensors_generic.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1335635517.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\bearer\qgenericbearer.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1327178324.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1325801437.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtdeclarative\lib\Qt5QmlWorkerScript.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1297605749.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: @ compiler: cl /Zi /Fdossl_static.pdb /Gs0 /GF /Gy /MD /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASMOpenSSL 1.1.1t 7 Feb 2023built on: Thu Feb 9 15:27:40 2023 UTCplatform: VC-WIN64A-masmOPENSSLDIR: "C:\Program Files\Common Files\SSL"ENGINESDIR: "C:\Program Files\OpenSSL\lib\engines-1_1"not available source: fAatfRnCZ5.exe, 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmp
Source: Binary string: d:\a01\_work\12\s\\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1688856452.00007FF838B91000.00000002.00000001.01000000.00000006.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_hashlib.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1687731230.00007FF838AA6000.00000002.00000001.01000000.0000000D.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtquick3d\qml\QtQuick3D\Helpers\qtquick3dhelpersplugin.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1358159682.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtspeech\lib\Qt5TextToSpeech.pdb!! source: fAatfRnCZ5.exe, 00000005.00000003.1304532194.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\imageformats\qico.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1329184577.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtdeclarative\qml\Qt\labs\sharedimage\sharedimageplugin.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1466647419.0000022DCC6A9000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\generic\qtuiotouchplugin.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1327320991.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\bearer\qgenericbearer.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1327178324.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\lib\Qt5Gui.pdb source: Qt5Gui.dll.5.dr
Source: Binary string: D:\a\1\b\bin\amd64\_lzma.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1686323668.00007FF83290B000.00000002.00000001.01000000.00000010.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_bz2.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1687197164.00007FF833ABD000.00000002.00000001.01000000.0000000F.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\geoservices\qtgeoservices_itemsoverlay.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1328016924.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\lib\Qt5Location.pdb source: Qt5Location.dll.5.dr
Source: Binary string: D:\a\1\b\bin\amd64\_socket.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1688605863.00007FF838B68000.00000002.00000001.01000000.00000007.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\position\qtposition_serialnmea.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1333217731.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1325615097.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtimageformats\plugins\imageformats\qtiff.pdbBB source: fAatfRnCZ5.exe, 00000005.00000003.1329845656.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\platformthemes\qxdgdesktopportal.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1332615439.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\position\qtposition_winrt.pdb## source: fAatfRnCZ5.exe, 00000005.00000003.1333624592.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\unicodedata.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmp
Source: Binary string: d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\msvcp140_1.amd64.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1314568236.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtquick3d\qml\QtQuick3D\Materials\qtquick3dmaterialplugin.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1372281367.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\audio\qtaudio_wasapi.pdb)) source: fAatfRnCZ5.exe, 00000005.00000003.1326861116.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtimageformats\plugins\imageformats\qtiff.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1329845656.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\imageformats\qgif.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1328961219.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\libssl-1_1.pdb@@ source: fAatfRnCZ5.exe, 00000008.00000002.1686834911.00007FF832996000.00000002.00000001.01000000.0000000B.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\printsupport\windowsprintersupport.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1334024715.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtquick3d\lib\Qt5Quick3DUtils.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1300985228.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: compiler: cl /Zi /Fdossl_static.pdb /Gs0 /GF /Gy /MD /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM source: fAatfRnCZ5.exe, 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtimageformats\plugins\imageformats\qtga.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1329694125.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\audio\qtaudio_windows.pdb&& source: fAatfRnCZ5.exe, 00000005.00000003.1327037823.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsensors\plugins\sensorgestures\qtsensorgestures_shakeplugin.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1335499258.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\playlistformats\qtmultimedia_m3u.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1332753580.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qt3d\plugins\geometryloaders\defaultgeometryloader.pdb!! source: fAatfRnCZ5.exe, 00000005.00000003.1327508882.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtspeech\lib\Qt5TextToSpeech.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1304532194.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\libcrypto-1_1.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsensors\plugins\sensorgestures\qtsensorgestures_plugin.pdb11 source: fAatfRnCZ5.exe, 00000005.00000003.1335286752.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtimageformats\plugins\imageformats\qicns.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1329074682.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\libssl-1_1.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1686834911.00007FF832996000.00000002.00000001.01000000.0000000B.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\select.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1688365462.00007FF838B53000.00000002.00000001.01000000.00000008.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtserialport\lib\Qt5SerialPort.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1303463975.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\python310.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1684979288.00007FF820ECF000.00000002.00000001.01000000.00000005.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_queue.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1688003115.00007FF838B43000.00000002.00000001.01000000.0000000E.sdmp
Source: Binary string: C:\Users\qt\work\qt\qt3d\plugins\geometryloaders\gltfgeometryloader.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1327700432.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\audio\qtaudio_windows.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1327037823.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qt3d\plugins\geometryloaders\defaultgeometryloader.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1327508882.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtimageformats\plugins\imageformats\qwbmp.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1330202784.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\lib\libEGL.pdb source: fAatfRnCZ5.exe, 00000005.00000003.1310839968.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_ssl.pdb source: fAatfRnCZ5.exe, 00000008.00000002.1687379724.00007FF83426D000.00000002.00000001.01000000.00000009.sdmp
Source: fAatfRnCZ5.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
Source: fAatfRnCZ5.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
Source: fAatfRnCZ5.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
Source: fAatfRnCZ5.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
Source: fAatfRnCZ5.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
Source: MSVCP140.dll.5.drStatic PE information: 0xAEDDD920 [Tue Dec 19 17:23:44 2062 UTC]
Source: Qt5Core.dll.5.drStatic PE information: section name: .qtmimed
Source: qtquickcontrols2materialstyleplugin.dll.5.drStatic PE information: section name: .qtmetad
Source: qtquick3deffectplugin.dll.5.drStatic PE information: section name: .qtmetad
Source: qtquick3dhelpersplugin.dll.5.drStatic PE information: section name: .qtmetad
Source: VCRUNTIME140.dll.5.drStatic PE information: section name: _RDATA
Source: qtquickextrasflatplugin.dll.5.drStatic PE information: section name: .qtmetad
Source: qtquickcontrols2universalstyleplugin.dll.5.drStatic PE information: section name: .qtmetad
Source: qtquickcontrolsplugin.dll.5.drStatic PE information: section name: .qtmetad
Source: dialogsprivateplugin.dll.5.drStatic PE information: section name: .qtmetad
Source: dialogplugin.dll.5.drStatic PE information: section name: .qtmetad
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Help.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\_hashlib.pydJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\charset_normalizer\md.cp310-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\charset_normalizer\md__mypyc.cp310-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5DBus.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\_ssl.pydJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Gui.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\MSVCP140.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Designer.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\_socket.pydJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\qtquickcontrols2materialstyleplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\VCRUNTIME140.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\Private\dialogsprivateplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Bluetooth.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Multimedia.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\_brotli.cp310-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\qtquickcontrols2universalstyleplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\qtquickcontrolsplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\dialogplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\_decimal.pydJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Core.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\qtquick3deffectplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Flat\qtquickextrasflatplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\_bz2.pydJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\_lzma.pydJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\_queue.pydJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\VCRUNTIME140_1.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Location.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Helpers\qtquick3dhelpersplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF651745EC0 GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,5_2_00007FF651745EC0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208332FB rdtsc 8_2_00007FF8208332FB
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Help.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\_hashlib.pydJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\charset_normalizer\md.cp310-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\charset_normalizer\md__mypyc.cp310-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5DBus.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Gui.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\_ssl.pydJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\MSVCP140.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Designer.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\_socket.pydJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\qtquickcontrols2materialstyleplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\Private\dialogsprivateplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Bluetooth.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Multimedia.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\_brotli.cp310-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\qtquickcontrols2universalstyleplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\qtquickcontrolsplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\dialogplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\_decimal.pydJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Core.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\qtquick3deffectplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Flat\qtquickextrasflatplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\_bz2.pydJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\_lzma.pydJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\_queue.pydJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\VCRUNTIME140_1.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Location.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Helpers\qtquick3dhelpersplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCheck user administrative privileges: GetTokenInformation,DecisionNodesgraph_5-17892
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeAPI coverage: 8.4 %
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF651748E90 FindFirstFileW,RemoveDirectoryW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,5_2_00007FF651748E90
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF65174A110 FindFirstFileExW,FindClose,5_2_00007FF65174A110
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF651762704 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,5_2_00007FF651762704
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF65174A110 FindFirstFileExW,FindClose,8_2_00007FF65174A110
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF651762704 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,8_2_00007FF651762704
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF651748E90 FindFirstFileW,RemoveDirectoryW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,8_2_00007FF651748E90
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF82083322E _errno,malloc,_errno,MultiByteToWideChar,GetLastError,MultiByteToWideChar,MultiByteToWideChar,free,_errno,FindFirstFileW,_errno,FindNextFileW,WideCharToMultiByte,8_2_00007FF82083322E
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designerJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\EffectsJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5Jump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3DJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qmlJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5Jump to behavior
Source: fAatfRnCZ5.exe, 00000008.00000003.1663983427.0000019F85848000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1666325561.0000019F85849000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1678491448.0000019F85855000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1671380365.0000019F85853000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8581E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660858920.0000019F85821000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663702623.0000019F85847000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll

Anti Debugging

barindex
Potentially malicious time measurement code found
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208342468_2_00007FF820834246
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208357318_2_00007FF820835731
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8208332FB rdtsc 8_2_00007FF8208332FB
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF65175B4A4 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,5_2_00007FF65175B4A4
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF651764310 GetProcessHeap,5_2_00007FF651764310
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF65174E19C SetUnhandledExceptionFilter,5_2_00007FF65174E19C
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF65175B4A4 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,5_2_00007FF65175B4A4
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF65174D730 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,5_2_00007FF65174D730
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF65174DFBC IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,5_2_00007FF65174DFBC
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF65174E19C SetUnhandledExceptionFilter,8_2_00007FF65174E19C
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF65175B4A4 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,8_2_00007FF65175B4A4
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF65174D730 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,8_2_00007FF65174D730
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF65174DFBC IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,8_2_00007FF65174DFBC
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820712A60 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,8_2_00007FF820712A60
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820713028 IsProcessorFeaturePresent,memset,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,8_2_00007FF820713028
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820835A24 IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,8_2_00007FF820835A24
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF821D34050 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,8_2_00007FF821D34050
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF8328C3DE8 IsProcessorFeaturePresent,memset,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,8_2_00007FF8328C3DE8
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeProcess created: C:\Users\user\Desktop\fAatfRnCZ5.exe "C:\Users\user\Desktop\fAatfRnCZ5.exe"Jump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF65176A400 cpuid 5_2_00007FF65176A400
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\plugins\audio VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\plugins\geometryloaders VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\plugins\geoservices VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\plugins\imageformats VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\plugins\mediaservice VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\plugins\mediaservice VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\plugins\platforms VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\plugins\platforms VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\plugins\position VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\plugins\sceneparsers VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\plugins\sensorgestures VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\plugins\sqldrivers VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtLocation VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtMultimedia VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtNfc VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtNfc VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtPositioning VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtPositioning VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQml\Models.2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQml\Models.2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQml\RemoteObjects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQml\StateMachine VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQml\StateMachine VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQml\WorkerScript.2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQml\WorkerScript.2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\images VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\images VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\maps VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Helpers VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Helpers VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF65174DEA0 GetSystemTimeAsFileTime,GetCurrentThreadId,GetCurrentProcessId,QueryPerformanceCounter,5_2_00007FF65174DEA0
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 5_2_00007FF651766A90 _get_daylight,_get_daylight,_get_daylight,_get_daylight,_get_daylight,GetTimeZoneInformation,5_2_00007FF651766A90
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior
Source: C:\Users\user\Desktop\fAatfRnCZ5.exeCode function: 8_2_00007FF820832B62 bind,WSAGetLastError,8_2_00007FF820832B62

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
Native API		1
DLL Side-Loading		11
Process Injection		11
Process Injection		OS Credential Dumping2
System Time Discovery		Remote Services1
Archive Collected Data		12
Encrypted Channel		Exfiltration Over Other Network Medium1
System Shutdown/Reboot
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
DLL Side-Loading		1
Deobfuscate/Decode Files or Information		LSASS Memory31
Security Software Discovery		Remote Desktop ProtocolData from Removable Media1
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
Obfuscated Files or Information		Security Account Manager2
File and Directory Discovery		SMB/Windows Admin SharesData from Network Shared Drive2
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
Software Packing		NTDS23
System Information Discovery		Distributed Component Object ModelInput CaptureProtocol ImpersonationTraffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
Timestomp		LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
DLL Side-Loading		Cached Domain CredentialsWi-Fi DiscoveryVNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
fAatfRnCZ5.exe7%VirustotalBrowse
fAatfRnCZ5.exe5%ReversingLabsWin64.Trojan.Generic

Dropped Files

SourceDetectionScannerLabelLink
C:\Users\user\AppData\Local\Temp\_MEI78362\MSVCP140.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QAxContainer.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Bluetooth.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Core.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5DBus.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Designer.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Gui.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Help.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Location.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Multimedia.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\qtquick3deffectplugin.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Helpers\qtquick3dhelpersplugin.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\qtquickcontrols2materialstyleplugin.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\qtquickcontrols2universalstyleplugin.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Flat\qtquickextrasflatplugin.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\qtquickcontrolsplugin.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\Private\dialogsprivateplugin.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\dialogplugin.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtBluetooth.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtCore.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtDBus.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtDesigner.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtGui.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtHelp.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtLocation.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtMultimedia.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtMultimediaWidgets.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtNetwork.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtNfc.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtOpenGL.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtPositioning.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtPrintSupport.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtQml.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtQuick.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtQuick3D.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtQuickWidgets.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtRemoteObjects.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtSensors.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtSerialPort.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtSql.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtSvg.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtTest.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtTextToSpeech.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtWebChannel.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtWebSockets.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtWidgets.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtWinExtras.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\sip.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\VCRUNTIME140.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\VCRUNTIME140_1.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\_brotli.cp310-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\_bz2.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\_decimal.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\_hashlib.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\_lzma.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\_queue.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\_socket.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\_ssl.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\charset_normalizer\md.cp310-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI78362\charset_normalizer\md__mypyc.cp310-win_amd64.pyd0%ReversingLabs

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://www.mapbox.com.0%Avira URL Cloudsafe
http://ocsp.accv.esOI0%Avira URL Cloudsafe
http://c.tile.opencyclemap.org/cycle/%z/%x/%y.png0%Avira URL Cloudsafe
http://c.tile2.opencyclemap.org/transport/%z/%x/%y.png0%Avira URL Cloudsafe
http://repository.swisssign.com/f0%Avira URL Cloudsafe
http://crl4.digicert0%Avira URL Cloudsafe
http://www.opensource.org/licenses/mit-license.ph0%Avira URL Cloudsafe
https://viltrac.com/wp-content/uploads/2024/11/NeighborResolve_nopump.exe6A00%Avira URL Cloudsafe
https://viltrac.com/wp-content/uploads/2024/11/NeighborResolve_nopump.exe0%Avira URL Cloudsafe
https://urllib3.readthedocs.io/en/latest/advanced-usage.html#tls-warningsp0%Avira URL Cloudsafe
http://www.thunderforest.com/0%Avira URL Cloudsafe
https://viltrac.com/wp-content/uploads/2024/11/slimo-qt.exeyc00%Avira URL Cloudsafe
http://maps-redirect.qt.io/osm/5.8/0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
viltrac.com
104.21.21.198
truefalse
    		unknown

    URLs from Memory and Binaries

    NameSourceMaliciousAntivirus DetectionReputation
    https://developer.here.com/qtlocation_ko.qm.5.dr, qtlocation_pl.qm.5.drfalse
      		high
      http://crl4.digicertfAatfRnCZ5.exe, 00000005.00000003.1308413883.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpfalse
      • Avira URL Cloud: safe
      		unknown
      https://python.org/dev/peps/pep-0263/fAatfRnCZ5.exe, 00000008.00000002.1684979288.00007FF820ECF000.00000002.00000001.01000000.00000005.sdmpfalse
        		high
        https://github.com/tensorflow/datasets/blob/master/tensorflow_datasets/core/utils/resource_utils.py#fAatfRnCZ5.exe, 00000008.00000003.1673113029.0000019F834C5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663399635.0000019F8349C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665244746.0000019F834C2000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1669937331.0000019F834C5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1676771227.0000019F8349F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664931068.0000019F8349F000.00000004.00000020.00020000.00000000.sdmpfalse
          		high
          http://a.tile.thunderforest.com/landscape/%z/%x/%y.pngfAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpfalse
            		high
            https://api.mapbox.com/geocoding/v5/mapbox.places-permanent/fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpfalse
              		high
              https://www.mapbox.com.qtlocation_pl.qm.5.drfalse
              • Avira URL Cloud: safe
              		unknown
              https://tools.ietf.org/html/rfc2388#section-4.4fAatfRnCZ5.exe, 00000008.00000003.1670660503.0000019F834CB000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663399635.0000019F8349C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665827579.0000019F834CA000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665244746.0000019F834C2000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664931068.0000019F8349F000.00000004.00000020.00020000.00000000.sdmpfalse
                		high
                http://c.tile2.opencyclemap.org/transport/%z/%x/%y.pngfAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpfalse
                • Avira URL Cloud: safe
                		unknown
                http://c.tile.opencyclemap.org/cycle/%z/%x/%y.pngfAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpfalse
                • Avira URL Cloud: safe
                		unknown
                http://repository.swisssign.com/ffAatfRnCZ5.exe, 00000008.00000002.1680177892.0000019F859FE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659601664.0000019F859F2000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661602101.0000019F859FD000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662632015.0000019F859FE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1591153575.0000019F859F2000.00000004.00000020.00020000.00000000.sdmpfalse
                • Avira URL Cloud: safe
                		unknown
                http://a.tile.thunderforest.com/outdoors/%z/%x/%y.pngfAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpfalse
                  		high
                  https://github.com/urllib3/urllib3/issues/2192#issuecomment-821832963fAatfRnCZ5.exe, 00000008.00000002.1677928890.0000019F85600000.00000004.00001000.00020000.00000000.sdmpfalse
                    		high
                    http://router.project-osrm.org/route/v1/driving/fAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpfalse
                      		high
                      https://api.mapbox.com/geocoding/v5/mapbox.places/fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpfalse
                        		high
                        http://crl.dhimyotis.com/certignarootca.crlfAatfRnCZ5.exe, 00000008.00000003.1661644262.0000019F85D53000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662605766.0000019F85D45000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663013189.0000019F85D5A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662411451.0000019F85D36000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1681265521.0000019F85D5A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662325438.0000019F85D2B000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661376493.0000019F85D20000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662077369.0000019F85D54000.00000004.00000020.00020000.00000000.sdmpfalse
                          		high
                          http://curl.haxx.se/rfc/cookie_spec.htmlfAatfRnCZ5.exe, 00000008.00000002.1681839555.0000019F860DC000.00000004.00001000.00020000.00000000.sdmpfalse
                            		high
                            http://ocsp.accv.esfAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmpfalse
                              		high
                              http://www.qt.io/contact-us.TabBar.qml.5.dr, ProgressBar.qml.5.dr, SpinBoxSpecifics.qml.5.dr, RoundButtonSpecifics.qml.5.dr, CheckBoxSpecifics.qml.5.dr, StackViewSpecifics.qml.5.dr, ToolButton.qml2.5.dr, DialSpecifics.qml.5.dr, MenuItem.qml0.5.dr, GroupBox.qml.5.dr, ToolBarSpecifics.qml.5.dr, SwipeView.qml0.5.dr, PaneSection.qml.5.dr, SpinBox.qml1.5.dr, ContainerSection.qml.5.dr, PaneSpecifics.qml.5.dr, RangeSliderSpecifics.qml.5.dr, ScrollBar.qml1.5.dr, ToolSeparatorSpecifics.qml.5.dr, Slider.qml0.5.dr, ControlSection.qml.5.drfalse
                                		high
                                https://developers.arcgis.com/authentication/accessing-arcgis-online-services/qtlocation_pl.qm.5.drfalse
                                  		high
                                  https://docs.python.org/3/library/importlib.html#importlib.abc.ExecutionLoader.get_filenamefAatfRnCZ5.exe, 00000008.00000002.1676989473.0000019F84CA0000.00000004.00001000.00020000.00000000.sdmpfalse
                                    		high
                                    https://urllib3.readthedocs.io/en/latest/advanced-usage.html#https-proxy-error-http-proxyfAatfRnCZ5.exe, 00000008.00000003.1589149792.0000019F85973000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1678097866.0000019F85700000.00000004.00001000.00020000.00000000.sdmpfalse
                                      		high
                                      http://www.opensource.org/licenses/mit-license.phfAatfRnCZ5.exefalse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      https://github.com/python/cpython/blob/3.9/Lib/importlib/_bootstrap_external.py#L679-L688fAatfRnCZ5.exe, 00000008.00000002.1676989473.0000019F84D2C000.00000004.00001000.00020000.00000000.sdmpfalse
                                        		high
                                        https://httpbin.org/getfAatfRnCZ5.exe, 00000008.00000003.1660162436.0000019F8599C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1667863566.0000019F854CE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660067514.0000019F85881000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1680035348.0000019F859C5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1591311493.0000019F859C6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F85887000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1673305894.0000019F854D5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1675285686.0000019F854DA000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1674805323.0000019F8589B000.00000004.00000020.00020000.00000000.sdmpfalse
                                          		high
                                          https://nominatim.openstreetmap.orgfAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpfalse
                                            		high
                                            https://api.mapbox.com/directions/v5/mapbox/fAatfRnCZ5.exe, 00000005.00000003.1328182691.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpfalse
                                              		high
                                              https://docs.python.org/3/library/importlib.html#importlib.abc.InspectLoader.get_codefAatfRnCZ5.exe, 00000008.00000002.1676989473.0000019F84D2C000.00000004.00001000.00020000.00000000.sdmpfalse
                                                		high
                                                http://www.gnu.org/licenses/gpl-2.0.html.TabBar.qml.5.dr, ProgressBar.qml.5.dr, SpinBoxSpecifics.qml.5.dr, RoundButtonSpecifics.qml.5.dr, CheckBoxSpecifics.qml.5.dr, StackViewSpecifics.qml.5.dr, ToolButton.qml2.5.dr, DialSpecifics.qml.5.dr, MenuItem.qml0.5.dr, GroupBox.qml.5.dr, ToolBarSpecifics.qml.5.dr, SwipeView.qml0.5.dr, PaneSection.qml.5.dr, SpinBox.qml1.5.dr, ContainerSection.qml.5.dr, PaneSpecifics.qml.5.dr, RangeSliderSpecifics.qml.5.dr, ScrollBar.qml1.5.dr, ToolSeparatorSpecifics.qml.5.dr, Slider.qml0.5.dr, ControlSection.qml.5.drfalse
                                                  		high
                                                  https://wwww.certigna.fr/autorites/0mfAatfRnCZ5.exe, 00000008.00000003.1661644262.0000019F85D53000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663013189.0000019F85D5A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1681265521.0000019F85D5A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661376493.0000019F85D20000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662077369.0000019F85D54000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    		high
                                                    https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/readerfAatfRnCZ5.exe, 00000008.00000003.1673113029.0000019F834C5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663399635.0000019F8349C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665244746.0000019F834C2000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1669937331.0000019F834C5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1676771227.0000019F8349F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664931068.0000019F8349F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                      		high
                                                      https://viltrac.com/wp-content/uploads/2024/11/NeighborResolve_nopump.exefAatfRnCZ5.exe, 00000008.00000002.1677235236.0000019F851C0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                      • Avira URL Cloud: safe
                                                      		unknown
                                                      https://www.gnu.org/licenses/lgpl.html.TabBar.qml.5.dr, ProgressBar.qml.5.dr, SpinBoxSpecifics.qml.5.dr, RoundButtonSpecifics.qml.5.dr, CheckBoxSpecifics.qml.5.dr, StackViewSpecifics.qml.5.dr, ToolButton.qml2.5.dr, DialSpecifics.qml.5.dr, MenuItem.qml0.5.dr, GroupBox.qml.5.dr, ToolBarSpecifics.qml.5.dr, SwipeView.qml0.5.dr, PaneSection.qml.5.dr, SpinBox.qml1.5.dr, ContainerSection.qml.5.dr, PaneSpecifics.qml.5.dr, RangeSliderSpecifics.qml.5.dr, ScrollBar.qml1.5.dr, ToolSeparatorSpecifics.qml.5.dr, Slider.qml0.5.dr, ControlSection.qml.5.drfalse
                                                        		high
                                                        https://httpbin.org/fAatfRnCZ5.exe, 00000008.00000003.1660411898.0000019F85444000.00000004.00000020.00020000.00000000.sdmpfalse
                                                          		high
                                                          https://github.com/urllib3/urllib3/issues/3290ib3fAatfRnCZ5.exe, 00000008.00000002.1680350376.0000019F85B74000.00000004.00001000.00020000.00000000.sdmpfalse
                                                            		high
                                                            https://wwww.certigna.fr/autorites/fAatfRnCZ5.exe, 00000008.00000003.1662605766.0000019F85D45000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1674406232.0000019F85D48000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662411451.0000019F85D36000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1681227721.0000019F85D48000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662325438.0000019F85D2B000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661376493.0000019F85D20000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              		high
                                                              https://docs.python.org/3/library/importlib.html#importlib.abc.Loader.exec_modulefAatfRnCZ5.exe, 00000008.00000002.1676989473.0000019F84D2C000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                		high
                                                                https://docs.python.org/3/library/importlib.html#importlib.abc.MetaPathFinder.invalidate_cachesfAatfRnCZ5.exe, 00000008.00000002.1676989473.0000019F84CA0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                  		high
                                                                  http://ocsp.accv.esOIfAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  • Avira URL Cloud: safe
                                                                  		unknown
                                                                  http://www.color.org)Qt5Gui.dll.5.drfalse
                                                                    		high
                                                                    http://hg.python.org/cpython/file/603b4d593758/Lib/socket.py#l535fAatfRnCZ5.exe, 00000005.00000002.1696578049.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1675211324.0000019F858E6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F858D4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1666621446.0000019F858DE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664066340.0000019F858DE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1671020032.0000019F858DE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665621109.0000019F858B3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8587B000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F858D4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660067514.0000019F85881000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F85887000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663148391.0000019F858D7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                      		high
                                                                      https://github.com/Unidata/MetPy/blob/a3424de66a44bf3a92b0dcacf4dff82ad7b86712/src/metpy/plots/wx_syfAatfRnCZ5.exe, 00000008.00000003.1673113029.0000019F834C5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663399635.0000019F8349C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665244746.0000019F834C2000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1669937331.0000019F834C5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1676771227.0000019F8349F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664931068.0000019F8349F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                        		high
                                                                        http://www.openstreetmap.org/copyrightfAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          http://crl.securetrust.com/STCA.crlfAatfRnCZ5.exe, 00000008.00000002.1679034775.0000019F858AF000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670947676.0000019F858AE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670763461.0000019F858AD000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8587B000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1669314893.0000019F8588D000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660067514.0000019F85881000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F85887000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            http://wwwsearch.sf.net/):fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F859BE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661479370.0000019F85445000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664182590.0000019F85446000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663499334.0000019F85445000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1672809552.0000019F85475000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1674732808.0000019F85475000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1671660409.0000019F85475000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665091492.0000019F85472000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660411898.0000019F85444000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1673739995.0000019F85475000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1.crt0fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662465338.0000019F85D1C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1681031810.0000019F85D1E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                		high
                                                                                http://www.accv.es/legislacion_c.htmfAatfRnCZ5.exe, 00000008.00000003.1663983427.0000019F85848000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1666325561.0000019F85849000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1671380365.0000019F85853000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8581E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660858920.0000019F85821000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663702623.0000019F85847000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  http://tools.ietf.org/html/rfc6125#section-6.4.3fAatfRnCZ5.exe, 00000005.00000002.1696578049.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1680350376.0000019F85B74000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    https://www.qt.io/contact-us.fAatfRnCZ5.exe, 00000005.00000003.1360914060.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1372679416.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1375574785.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1359690217.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1363872794.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1435031821.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1373137252.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1373769208.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1364221625.0000022DCC676000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361673361.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1377554287.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1363723122.0000022DCC676000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1372988791.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC673000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361147675.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1365096461.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358423351.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361998297.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358685730.0000022DCC674000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      http://crl.xrampsecurity.com/XGCA.crl0fAatfRnCZ5.exe, 00000008.00000003.1663290464.0000019F85924000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661045598.0000019F8591F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1667473081.0000019F85928000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670144680.0000019F85933000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F858D4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659724793.0000019F8591C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        http://www.gnu.org/copyleft/gpl.html.fAatfRnCZ5.exe, 00000005.00000003.1275146697.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1520789489.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1520789489.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1520737480.0000022DCC6A9000.00000004.00000020.00020000.00000000.sdmp, qsplashscreen.sip.5.dr, qtoolbar.sip.5.dr, qmediacontainercontrol.sip.5.dr, QtSvg.pyi.5.dr, qgeoserviceprovider.sip.5.dr, qcameraviewfindersettingscontrol.sip.5.dr, QtDBus.pyi.5.dr, qgraphicsproxywidget.sip.5.dr, qstylefactory.sip.5.dr, qnetworkconfigmanager.sip.5.dr, qcameracontrol.sip.5.dr, qmediacontrol.sip.5.dr, qplaceicon.sip.5.dr, qgeorouterequest.sip.5.dr, qgraphicsanchorlayout.sip.5.dr, qwidget.sip.5.dr, qhelpfilterengine.sip.5.drfalse
                                                                                          		high
                                                                                          http://www.cert.fnmt.es/dpcs/fAatfRnCZ5.exe, 00000008.00000003.1661376493.0000019F85D20000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            https://www.mapbox.comqtlocation_pl.qm.5.drfalse
                                                                                              		high
                                                                                              https://google.com/mailfAatfRnCZ5.exe, 00000008.00000003.1663983427.0000019F85848000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8581E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660858920.0000019F85821000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663702623.0000019F85847000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                https://packaging.python.org/specifications/entry-points/fAatfRnCZ5.exe, 00000008.00000002.1678097866.0000019F85700000.00000004.00001000.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1680350376.0000019F85B74000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  http://www.qt.io/terms-conditions.TabBar.qml.5.dr, ProgressBar.qml.5.dr, SpinBoxSpecifics.qml.5.dr, RoundButtonSpecifics.qml.5.dr, CheckBoxSpecifics.qml.5.dr, StackViewSpecifics.qml.5.dr, ToolButton.qml2.5.dr, DialSpecifics.qml.5.dr, MenuItem.qml0.5.dr, GroupBox.qml.5.dr, ToolBarSpecifics.qml.5.dr, SwipeView.qml0.5.dr, PaneSection.qml.5.dr, SpinBox.qml1.5.dr, ContainerSection.qml.5.dr, PaneSpecifics.qml.5.dr, RangeSliderSpecifics.qml.5.dr, ScrollBar.qml1.5.dr, ToolSeparatorSpecifics.qml.5.dr, Slider.qml0.5.dr, ControlSection.qml.5.drfalse
                                                                                                    		high
                                                                                                    http://www.accv.es00fAatfRnCZ5.exe, 00000008.00000003.1663983427.0000019F85848000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1666325561.0000019F85849000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1671380365.0000019F85853000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8581E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662465338.0000019F85D1C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660858920.0000019F85821000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1681031810.0000019F85D1E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663702623.0000019F85847000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/abc.pyfAatfRnCZ5.exe, 00000008.00000003.1664931068.0000019F8349F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://foss.heptapod.net/pypy/pypy/-/issues/3539fAatfRnCZ5.exe, 00000008.00000002.1677928890.0000019F85600000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://github.com/urllib3/urllib3/issues/2513#issuecomment-1152559900.fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8587B000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1669314893.0000019F8588D000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660067514.0000019F85881000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F85887000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670947676.0000019F8589D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            http://google.com/fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F858D4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659724793.0000019F8591C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              http://html4/loose.dtdfAatfRnCZ5.exe, 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpfalse
                                                                                                                		high
                                                                                                                http://www.qt.io/licensing/TabBar.qml.5.dr, ProgressBar.qml.5.dr, SpinBoxSpecifics.qml.5.dr, RoundButtonSpecifics.qml.5.dr, CheckBoxSpecifics.qml.5.dr, StackViewSpecifics.qml.5.dr, ToolButton.qml2.5.dr, DialSpecifics.qml.5.dr, MenuItem.qml0.5.dr, GroupBox.qml.5.dr, ToolBarSpecifics.qml.5.dr, SwipeView.qml0.5.dr, PaneSection.qml.5.dr, SpinBox.qml1.5.dr, ContainerSection.qml.5.dr, PaneSpecifics.qml.5.dr, RangeSliderSpecifics.qml.5.dr, ScrollBar.qml1.5.dr, ToolSeparatorSpecifics.qml.5.dr, Slider.qml0.5.dr, ControlSection.qml.5.drfalse
                                                                                                                  		high
                                                                                                                  https://mahler:8092/site-updates.pyfAatfRnCZ5.exe, 00000008.00000003.1663983427.0000019F85848000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1666325561.0000019F85849000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1671417255.0000019F85851000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8581E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660858920.0000019F85821000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663702623.0000019F85847000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    http://geocode.arcgis.com/arcgis/rest/services/World/GeocodeServer/findAddressCandidatesfAatfRnCZ5.exe, 00000005.00000003.1327844588.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      http://crl.securetrust.com/SGCA.crlfAatfRnCZ5.exe, 00000008.00000002.1679034775.0000019F858AF000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670947676.0000019F858AE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670763461.0000019F858AD000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8587B000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1669314893.0000019F8588D000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660067514.0000019F85881000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F85887000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        http://.../back.jpegfAatfRnCZ5.exe, 00000008.00000002.1681839555.0000019F86000000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          http://www.openssl.org/VfAatfRnCZ5.exe, 00000005.00000003.1325389171.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1313513558.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            https://www.python.org/download/releases/2.3/mro/.fAatfRnCZ5.exe, 00000008.00000002.1676989473.0000019F84CA0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              https://httpbin.org/postfAatfRnCZ5.exe, 00000008.00000003.1673305894.0000019F854CD000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660357531.0000019F854B1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1589084054.0000019F85473000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590588964.0000019F854A4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665432617.0000019F854BB000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664775421.0000019F854B5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661240960.0000019F854B3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                http://nominatim.openstreetmap.org/searchfAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://docs.python.org/3/library/importlib.html#importlib.abc.InspectLoader.get_sourcefAatfRnCZ5.exe, 00000008.00000002.1676989473.0000019F84CA0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://github.com/Ousret/charset_normalizerfAatfRnCZ5.exe, 00000008.00000003.1660411898.0000019F85444000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      http://www.firmaprofesional.com/cps0fAatfRnCZ5.exe, 00000008.00000003.1661479370.0000019F85445000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664182590.0000019F85446000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662605766.0000019F85D45000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1673739995.0000019F85447000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663499334.0000019F85445000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662411451.0000019F85D36000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662325438.0000019F85D2B000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660411898.0000019F85444000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661376493.0000019F85D20000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://docs.python.org/3/library/importlib.html#importlib.abc.PathEntryFinder.find_specfAatfRnCZ5.exe, 00000008.00000002.1676989473.0000019F84D2C000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://github.com/urllib3/urllib3/issues/2920fAatfRnCZ5.exe, 00000008.00000002.1680213064.0000019F85A60000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            http://.cssfAatfRnCZ5.exe, 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              http://crl.securetrust.com/SGCA.crl0fAatfRnCZ5.exe, 00000008.00000003.1662719082.0000019F8599C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F859BE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663562430.0000019F859C3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660162436.0000019F8599C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                http://c.tile.openstreetmap.org/%z/%x/%y.pngfAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://docs.python.org/3/library/importlib.html#importlib.abc.ResourceLoader.get_datafAatfRnCZ5.exe, 00000008.00000003.1663399635.0000019F8349C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1676771227.0000019F8349F000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664931068.0000019F8349F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    https://yahoo.com/fAatfRnCZ5.exe, 00000008.00000003.1663983427.0000019F85848000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8581E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660858920.0000019F85821000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663702623.0000019F85847000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      http://crl.securetrust.com/STCA.crl0fAatfRnCZ5.exe, 00000008.00000003.1662719082.0000019F8599C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F859BE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663562430.0000019F859C3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660162436.0000019F8599C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        http://crl.securetrust.com/STCA.crl3fAatfRnCZ5.exe, 00000008.00000002.1679034775.0000019F858AF000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670947676.0000019F858AE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670763461.0000019F858AD000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8587B000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1669314893.0000019F8588D000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660067514.0000019F85881000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F85887000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          https://www.gnu.org/licenses/gpl-3.0.html.fAatfRnCZ5.exe, 00000005.00000003.1360914060.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1372679416.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1375574785.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1359690217.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1363872794.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1435031821.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1373137252.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1373769208.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1364221625.0000022DCC676000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361673361.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1377554287.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1363723122.0000022DCC676000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1372988791.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC673000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361147675.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1365096461.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358423351.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361998297.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358685730.0000022DCC674000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            https://www.gnu.org/licenses/gpl-2.0.htmlfAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1435031821.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC673000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1435031821.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, GaugeStyle.qml.5.dr, FocusFrameStyle.qml.5.dr, RadioButtonStyle.qml.5.drfalse
                                                                                                                                                              		high
                                                                                                                                                              http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-6fAatfRnCZ5.exe, 00000008.00000003.1670947676.0000019F858AE000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670763461.0000019F858AD000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8587B000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1669314893.0000019F8588D000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660067514.0000019F85881000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590871292.0000019F85887000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                https://html.spec.whatwg.org/multipage/fAatfRnCZ5.exe, 00000008.00000003.1663773281.0000019F854DF000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660357531.0000019F854B1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1589084054.0000019F85473000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590588964.0000019F854A4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661240960.0000019F854B3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1667863566.0000019F854E0000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1671246957.0000019F854E1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1670803702.0000019F854E0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  http://www.quovadisglobal.com/cps0fAatfRnCZ5.exe, 00000008.00000003.1662490950.0000019F859F2000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659601664.0000019F859F2000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1591153575.0000019F859F2000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662632015.0000019F859FB000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crlfAatfRnCZ5.exe, 00000008.00000003.1661996111.0000019F85D0D000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1680947660.0000019F85D0D000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://urllib3.readthedocs.io/en/latest/advanced-usage.html#tls-warningsfAatfRnCZ5.exe, 00000008.00000002.1680213064.0000019F85A60000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://viltrac.com/wp-content/uploads/2024/11/NeighborResolve_nopump.exe6A0fAatfRnCZ5.exe, 00000008.00000002.1677235236.0000019F851C0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                        • Avira URL Cloud: safe
                                                                                                                                                                        		unknown
                                                                                                                                                                        http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl0fAatfRnCZ5.exe, 00000008.00000003.1659304238.0000019F85CE1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590701061.0000019F85D12000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1662465338.0000019F85D1C000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660998886.0000019F85D10000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660756197.0000019F85CE6000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660947309.0000019F85D09000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1681031810.0000019F85D1E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661289089.0000019F85D1A000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1659969808.0000019F85CE3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://urllib3.readthedocs.io/en/latest/advanced-usage.html#tls-warningspfAatfRnCZ5.exe, 00000008.00000002.1680213064.0000019F85A60000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                          • Avira URL Cloud: safe
                                                                                                                                                                          		unknown
                                                                                                                                                                          https://www.gnu.org/licenses/lgpl-3.0.html.fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1435031821.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC673000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1435031821.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, GaugeStyle.qml.5.dr, FocusFrameStyle.qml.5.dr, RadioButtonStyle.qml.5.drfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://www.qt.io/terms-conditions.fAatfRnCZ5.exe, 00000005.00000003.1360914060.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1372679416.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1375574785.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1359690217.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC688000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1363872794.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1435031821.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1373137252.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1373769208.0000022DCC671000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1364221625.0000022DCC676000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361673361.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1377554287.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1449843319.0000022DCC678000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1363723122.0000022DCC676000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1372988791.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1434383883.0000022DCC673000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361147675.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1365096461.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358423351.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1361998297.0000022DCC674000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000005.00000003.1358685730.0000022DCC674000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://www.rfc-editor.org/rfc/rfc8259#section-8.1fAatfRnCZ5.exe, 00000008.00000003.1659825473.0000019F8581E000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1663983427.0000019F85825000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660858920.0000019F85821000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665271905.0000019F85846000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                http://www.thunderforest.com/fAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                                		unknown
                                                                                                                                                                                https://viltrac.com/wp-content/uploads/2024/11/slimo-qt.exeyc0fAatfRnCZ5.exe, 00000008.00000002.1677235236.0000019F851C0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                                		unknown
                                                                                                                                                                                http://maps-redirect.qt.io/osm/5.8/fAatfRnCZ5.exe, 00000005.00000003.1328635986.0000022DCC66F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                                		unknown
                                                                                                                                                                                https://requests.readthedocs.iofAatfRnCZ5.exe, 00000008.00000003.1673305894.0000019F854CD000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1660357531.0000019F854B1000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1589084054.0000019F85473000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1590588964.0000019F854A4000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1665432617.0000019F854BB000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1664775421.0000019F854B5000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000003.1661240960.0000019F854B3000.00000004.00000020.00020000.00000000.sdmp, fAatfRnCZ5.exe, 00000008.00000002.1682107300.0000019F86148000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                  		high

                                                                                                                                                                                  World Map of Contacted IPs

                                                                                                                                                                                  • No. of IPs < 25%
                                                                                                                                                                                  • 25% < No. of IPs < 50%
                                                                                                                                                                                  • 50% < No. of IPs < 75%
                                                                                                                                                                                  • 75% < No. of IPs

                                                                                                                                                                                  Public IPs

                                                                                                                                                                                  IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                  104.21.21.198
                                                                                                                                                                                  		viltrac.comUnited States
                                                                                                                                                                                  		13335CLOUDFLARENETUSfalse

                                                                                                                                                                                  General Information

                                                                                                                                                                                  Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                  Analysis ID:1578208
                                                                                                                                                                                  Start date and time:2024-12-19 12:33:11 +01:00
                                                                                                                                                                                  Joe Sandbox product:CloudBasic
                                                                                                                                                                                  Overall analysis duration:0h 8m 48s
                                                                                                                                                                                  Hypervisor based Inspection enabled:false
                                                                                                                                                                                  Report type:full
                                                                                                                                                                                  Cookbook file name:default.jbs
                                                                                                                                                                                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                  Number of analysed new started processes analysed:12
                                                                                                                                                                                  Number of new started drivers analysed:0
                                                                                                                                                                                  Number of existing processes analysed:0
                                                                                                                                                                                  Number of existing drivers analysed:0
                                                                                                                                                                                  Number of injected processes analysed:0
                                                                                                                                                                                  Technologies:
                                                                                                                                                                                  • HCA enabled
                                                                                                                                                                                  • EGA enabled
                                                                                                                                                                                  • AMSI enabled
                                                                                                                                                                                  Analysis Mode:default
                                                                                                                                                                                  Analysis stop reason:Timeout
                                                                                                                                                                                  Sample name:fAatfRnCZ5.exe
                                                                                                                                                                                  renamed because original name is a hash value
                                                                                                                                                                                  Original Sample Name:34c4c90a0f30142be902016f1d223176598c74506bbf516cca52fb89bdd72f55.exe
                                                                                                                                                                                  Detection:MAL
                                                                                                                                                                                  Classification:mal52.evad.winEXE@3/1026@1/1
                                                                                                                                                                                  EGA Information:
                                                                                                                                                                                  • Successful, ratio: 100%
                                                                                                                                                                                  HCA Information:Failed
                                                                                                                                                                                  Cookbook Comments:
                                                                                                                                                                                  • Found application associated with file extension: .exe

                                                                                                                                                                                  Warnings

                                                                                                                                                                                  • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, Sgrmuserer.exe, conhost.exe, svchost.exe
                                                                                                                                                                                  • Excluded IPs from analysis (whitelisted): 13.107.246.63, 4.245.163.56
                                                                                                                                                                                  • Excluded domains from analysis (whitelisted): otelrules.azureedge.net, slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
                                                                                                                                                                                  • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                  • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                  • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                  • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                  • Report size getting too big, too many NtQueryVolumeInformationFile calls found.
                                                                                                                                                                                  • Report size getting too big, too many NtReadFile calls found.
                                                                                                                                                                                  • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                                                                                                                  • Report size getting too big, too many NtWriteFile calls found.

                                                                                                                                                                                  Simulations

                                                                                                                                                                                  Behavior and APIs

                                                                                                                                                                                  No simulations

                                                                                                                                                                                  Joe Sandbox View / Context

                                                                                                                                                                                  IPs

                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                  104.21.21.198Hesab#U0131 Onaylay#U0131n.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                  • www.feasible-weld.com/g43o/?j0DLG=QkSDkAQwJsfinh3WrOYNwuLRn/wZcwP5ROix40ZEWiTyy9DSEEEXqyK/VjgFco5oKzQL&zl_PqJ=KxlpdRmXzNBLJpD0
                                                                                                                                                                                  PO5411.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                  • www.movementinspires.com/pnqr/?rZULMf_=947cDAfMtsIS/zejVd4hkXb2b5N+AxK6ZTWGMEGb/CYmLctFgtEwYesMNqUKu8NWWTag&FtgT=MXyTezehH

                                                                                                                                                                                  Domains

                                                                                                                                                                                  No context

                                                                                                                                                                                  ASNs

                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                  CLOUDFLARENETUShttp://efaktura.dhlecommerce.plGet hashmaliciousUnknownBrowse
                                                                                                                                                                                  • 104.18.86.42
                                                                                                                                                                                  file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, XmrigBrowse
                                                                                                                                                                                  • 172.67.179.109
                                                                                                                                                                                  WTvNL75dCr.exeGet hashmaliciousPython BackDoorBrowse
                                                                                                                                                                                  • 104.20.22.46
                                                                                                                                                                                  WTvNL75dCr.exeGet hashmaliciousPython BackDoorBrowse
                                                                                                                                                                                  • 104.20.22.46
                                                                                                                                                                                  https://github.com/starise/win11-virtual-desktop-extension/releases/download/1.1.0/VirtualDesktopExtension-1.1.0.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                  • 1.1.1.1
                                                                                                                                                                                  https://e.trustifi.com/#/fff2a1/305619/6dc30e/bb62bb/581844/11c063/a3c1ce/c0ba4d/e8666a/ef542d/85972d/627493/9a11d6/1f4096/1d247f/838c7e/cd63d6/82c9fe/baf706/264690/9188a6/a54400/a45112/68deb9/a1d612/148c70/62dcf5/9cb4f7/9713c0/de2350/884a31/c8623a/2f5546/ab6255/63291e/390e78/6b371c/add804/d4bbed/01f0b4/6023ca/9b7c0b/b0881b/bd8fbb/380790/942e2d/c30675/2c79c4/594b5b/fa5dac/c17e29/ec9861/3d4f90/8d1dd9/15a5f1/e3d291/035383/58ff7f/dcf654/c36a6d/ac2219/0a7478/f49f04/50db6b/1c0640/509cd9/d5eb23/7e01e4/b5bcef/2cfb1e/1cd263/f68c45/7325e0/8e5d9b/dacf2c/074706/a0f040/11bf65/f8b4f7/b49b4f/da74f6/285aa9/b249dd/d9b9c7/1a738e/07e7fa/7ea43f/a69f97/422641/436e51/504e86Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                  • 104.17.25.14
                                                                                                                                                                                  NieuwBetalingsbevestigingvoor vanas.eu.htmGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                  • 104.17.25.14
                                                                                                                                                                                  https://init-area.fr/ABGet hashmaliciousUnknownBrowse
                                                                                                                                                                                  • 104.17.25.14
                                                                                                                                                                                  https://registry.paratext.orgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                  • 104.26.6.135
                                                                                                                                                                                  DHL_231437894819.bat.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                  • 104.26.13.205

                                                                                                                                                                                  JA3 Fingerprints

                                                                                                                                                                                  No context

                                                                                                                                                                                  Dropped Files

                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Core.dllWTvNL75dCr.exeGet hashmaliciousPython BackDoorBrowse
                                                                                                                                                                                    WTvNL75dCr.exeGet hashmaliciousPython BackDoorBrowse
                                                                                                                                                                                      FileScanner.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                        MacAttack.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                          download.ps1Get hashmaliciousPython BackDoorBrowse
                                                                                                                                                                                            y3x8pjQ1Ci.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              y3x8pjQ1Ci.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                download.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                  download.ps1Get hashmaliciousUnknownBrowse

                                                                                                                                                                                                    Created / dropped Files

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\MSVCP140.dll

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):575056
                                                                                                                                                                                                    Entropy (8bit):6.52904444699071
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12288:ZSTTigI46Bb3SUPvRgrKtzL4paQEKZm+jWodEEVPLwtQV:ZUStQaQEKZm+jWodEE9CQV
                                                                                                                                                                                                    MD5:6C3AD90EE8D03A4CE68DBB34B0D72B1E
                                                                                                                                                                                                    SHA1:55157B5AABD167DC9DBD158A5C7AD435101652E7
                                                                                                                                                                                                    SHA-256:7B8A6F283884E6448559DCF510B00C1A885BFB8E598EA05CD2C290C874657326
                                                                                                                                                                                                    SHA-512:6D1626906C9D924254839A1FB9115047A8F49864338EC8902431AF5D5C9AB65596208CA71F0C7E8094C103F47C788FC1A9B8E9F347471FA81ADFE3AA9367065A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........)...H...H...H...0...H...0...H...H...H......H......H......H....._H......H....w..H......H..Rich.H..................PE..d... ............" ...(.6...X......0................................................v....`A.........................................2..h...X...,............p.. :...v..PP..............p...........................`...@............P..x............................text....4.......6.................. ..`.rdata.......P.......:..............@..@.data...p8...0......................@....pdata.. :...p...<...,..............@..@.rsrc................h..............@..@.reloc...............l..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QAxContainer.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5063
                                                                                                                                                                                                    Entropy (8bit):5.148372340778111
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:U6Q+rzMoJ/kFuTDOyfKRAPOVOmcIKRAPOVvXXfRIZrPfWZIV:yisAfKRAPOVOoKRAPOVve2S
                                                                                                                                                                                                    MD5:62CB7130F70C4036FDA297D643CBD7E6
                                                                                                                                                                                                    SHA1:740C58A5F92892CE081AFB46DF56E5545C5FD4E7
                                                                                                                                                                                                    SHA-256:D71476219FF5E5015BE2C30DEAD4E9B35E1EA3A2DC1827D525089B7E9C0C8B09
                                                                                                                                                                                                    SHA-512:928B121C7EE20137BE252792A3B856A7B84C4B8FB30B91320D7D754821BCFF149ED76AF227F58BEE255DA98A946910D173E200FDFC6AF962B5541782D9679399
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QAxContainer module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import Qt

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Bluetooth.dll

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):547824
                                                                                                                                                                                                    Entropy (8bit):6.287419036859771
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12288:2uHPEWA+tJeWIHe/Q6JfFRj9r0Iju/W38tDZR2sjjzXlMt:2ucStJeCzFRj9r0Iju/W38tDZR2sjjI
                                                                                                                                                                                                    MD5:2C7A3F9A9158DC733E3053F2D2678F6F
                                                                                                                                                                                                    SHA1:6EB9F9849D2D901739C79C2FD7832E77860C8AFB
                                                                                                                                                                                                    SHA-256:13617D6112C31F91D8F69771FADD7819F957FBD957AFE34E090C9C45E0DFDF30
                                                                                                                                                                                                    SHA-512:DDE9E4B21E6B9D6BA31A6AC917E26AB5350652DC21038FDE04AD660D50F61634D2858BB3ECD55CC8A10BFE92098938CBCE0BDD4475534F2AA541BBDE04AC2BF6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........Z..Y;j.Y;j.Y;j..Tn.Q;j..Ti.Z;j..To.N;j..Tk._;j..Kk.[;j.MPk._;j.PC..P;j.Y;k.c:j..Ko.j;j..Kj.X;j..K..X;j.Y;..X;j..Kh.X;j.RichY;j.........................PE..d......_.........." ................\........................................p....... ....`..........................................U......`........P..........tO...@.......`......0...T......................(.......0............................................text.............................. ..`.rdata..Bv.......x..................@..@.data...(....0......................@....pdata..tO.......P..................@..@.rsrc........P......................@..@.reloc.......`.......4..............@..B........................................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Core.dll

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6023664
                                                                                                                                                                                                    Entropy (8bit):6.768988071491288
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:98304:hcirJylHYab/6bMJsv6tWKFdu9CLiZxqfg8gwf:+irJylHFb/QMJsv6tWKFdu9CL4xqfg8x
                                                                                                                                                                                                    MD5:817520432A42EFA345B2D97F5C24510E
                                                                                                                                                                                                    SHA1:FEA7B9C61569D7E76AF5EFFD726B7FF6147961E5
                                                                                                                                                                                                    SHA-256:8D2FF4CE9096DDCCC4F4CD62C2E41FC854CFD1B0D6E8D296645A7F5FD4AE565A
                                                                                                                                                                                                    SHA-512:8673B26EC5421FCE8E23ADF720DE5690673BB4CE6116CB44EBCC61BBBEF12C0AD286DFD675EDBED5D8D000EFD7609C81AAE4533180CF4EC9CD5316E7028F7441
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Joe Sandbox View:
                                                                                                                                                                                                    • Filename: WTvNL75dCr.exe, Detection: malicious, Browse
                                                                                                                                                                                                    • Filename: WTvNL75dCr.exe, Detection: malicious, Browse
                                                                                                                                                                                                    • Filename: FileScanner.exe, Detection: malicious, Browse
                                                                                                                                                                                                    • Filename: MacAttack.exe, Detection: malicious, Browse
                                                                                                                                                                                                    • Filename: download.ps1, Detection: malicious, Browse
                                                                                                                                                                                                    • Filename: y3x8pjQ1Ci.exe, Detection: malicious, Browse
                                                                                                                                                                                                    • Filename: y3x8pjQ1Ci.exe, Detection: malicious, Browse
                                                                                                                                                                                                    • Filename: download.ps1, Detection: malicious, Browse
                                                                                                                                                                                                    • Filename: download.ps1, Detection: malicious, Browse
                                                                                                                                                                                                    Reputation:moderate, very likely benign file
                                                                                                                                                                                                    Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......D.............................UJ......................................................W.....,..................r....................Rich............PE..d...;._.........." ..........-.......-......................................`\.....x.\...`...........................................L..O....T...... \.......U.. ....[......0\..%..,.H.T.....................H.(.....H.0............./.H............................text............................... ..`.rdata..F7%.../..8%.................@..@.data...x....PT..\...6T.............@....pdata... ....U.."....T.............@..@.qtmimed.....0W.......V.............@..P.rsrc........ \.......[.............@..@.reloc...%...0\..&....[.............@..B........................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5DBus.dll

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):436720
                                                                                                                                                                                                    Entropy (8bit):6.392610185061176
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6144:ZLvnUJ17UTGOkWHUe/W9TgYMDu96ixMZQ8IlXbKgp8aIDeN:KP7cGOGegTwu96ixMZQtlrPN
                                                                                                                                                                                                    MD5:0E8FF02D971B61B5D2DD1AC4DF01AE4A
                                                                                                                                                                                                    SHA1:638F0B46730884FA036900649F69F3021557E2FE
                                                                                                                                                                                                    SHA-256:1AA70B106A10C86946E23CAA9FC752DC16E29FBE803BBA1F1AB30D1C63EE852A
                                                                                                                                                                                                    SHA-512:7BA616EDE66B16D9F8B2A56C3117DB49A74D59D0D32EAA6958DE57EAC78F14B1C7F2DBBA9EAE4D77937399CF14D44535531BAF6F9DB16F357F8712DFAAE4346A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Reputation:moderate, very likely benign file
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........D..*..*..*.....*...+..*.../..*.......*...)..*...+..*.O.+..*..+...*.O./..*.O.*..*.O....*.....*.O.(..*.Rich.*.........................PE..d...]._.........." .....\...<.......\..............................................K.....`..........................................h..to...................`...Q..............4.......T.......................(...`...0............p...............................text...yZ.......\.................. ..`.rdata..0....p.......`..............@..@.data...X....@......."..............@....pdata...Q...`...R...2..............@..@.rsrc...............................@..@.reloc..4...........................@..B........................................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Designer.dll

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4487152
                                                                                                                                                                                                    Entropy (8bit):7.387256867718643
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:98304:wriDM0a/9ul3ttbU/pQP2xlEeOCGfmcQWmvHWd/52/:wriDM0a/9ul3ttbcQOx4CUmcQWmvGU/
                                                                                                                                                                                                    MD5:C4351384C469750009E5464DD773019A
                                                                                                                                                                                                    SHA1:9F114BAC87AF2E0598790CF3298CA7BDFAFDFE21
                                                                                                                                                                                                    SHA-256:807E2B399048BC482E1A96F10669387F5F27542CA1B1D8DBCBAEABE53055752A
                                                                                                                                                                                                    SHA-512:6199AF25E0224B7288D4B84B9677BAD7CFFCE64F6BCD7B46817823887F94894FA764E1FB31EB300B5F1AFC64CCF433E71DB2ED28044F2001CC1715CB20433944
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........gzI..)I..)I..)@.)C..)...(M..)]..(K..)...(A..)...(M..)...(P..)...(@..)I..)..)...(...)...(H..)...)H..)I..)H..)...(H..)RichI..)........................PE..d...+.._.........." .........^......t.........................................D......JE...`.......................................... :. .....>......0D.......B..W...\D......@D. `....7.T...................P.7.(... .7.0............ ...d...........................text............................... ..`.rdata....+.. ....+.................@..@.data...8.....A.......A.............@....pdata...W....B..X....B.............@..@.rsrc........0D.......C.............@..@.reloc.. `...@D..b....C.............@..B........................................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Gui.dll

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7008240
                                                                                                                                                                                                    Entropy (8bit):6.674290383197779
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:49152:9VPhJZWVvpg+za3cFlc61j2VjBW77I4iNlmLPycNRncuUx24LLsXZFC6FOCfDt2/:BJZzI1ZR3U9Cxc22aDACInVc4Z
                                                                                                                                                                                                    MD5:47307A1E2E9987AB422F09771D590FF1
                                                                                                                                                                                                    SHA1:0DFC3A947E56C749A75F921F4A850A3DCBF04248
                                                                                                                                                                                                    SHA-256:5E7D2D41B8B92A880E83B8CC0CA173F5DA61218604186196787EE1600956BE1E
                                                                                                                                                                                                    SHA-512:21B1C133334C7CA7BBBE4F00A689C580FF80005749DA1AA453CCEB293F1AD99F459CA954F54E93B249D406AEA038AD3D44D667899B73014F884AFDBD9C461C14
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$.......QH^~.)0-.)0-.)0-.Q.-.)0-...-.)0-.F4,.)0-.F3,.)0-.F5,.)0-.F1,.)0-.Y1,.)0-.B5,.)0-.B1,.)0-.)1-m,0-.Y4,.)0-.Y5,|(0-.Y0,.)0-.Y.-.)0-.).-.)0-.Y2,.)0-Rich.)0-................PE..d....._.........." ......?...+.....X.?.......................................k.....R.k...`.........................................pKK.....d.e.|....`k.......g.......j......pk..6....F.T................... .F.(.....F.0.............?.p+...........................text...2.?.......?................. ..`.rdata...z&...?..|&...?.............@..@.data....o... f.......f.............@....pdata........g.......f.............@..@.rsrc........`k.......j.............@..@.reloc...6...pk..8....j.............@..B........................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Help.dll

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):428528
                                                                                                                                                                                                    Entropy (8bit):6.385860506526288
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6144:W5OU+lG3LViV3hMkkAGdFxBsVn3uhIb4kW4XJjnK2xKDgpywUoVXqXrarUPtGBf2:W5OEViVRMpAv3uh+4kzKmKafzu6g
                                                                                                                                                                                                    MD5:6FAAB9F54169B33F970A2CE0AE8EAD06
                                                                                                                                                                                                    SHA1:0EE3071737827204FEB6FDAEB5A4A9A01EB43EC0
                                                                                                                                                                                                    SHA-256:E976997B615403842437E46053412FE571377443631D7BEC99FF5C2C7E00A5CC
                                                                                                                                                                                                    SHA-512:D35A3E41C68B160C8E475A04888BA9397F029E4A091335ED7080EE917B70A42F0CBE9161B16A27C37E730701936798C2E195E3921B6DAE13B838B41617E932D2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......G.?...Q...Q...Q......Q..P...Q...P...Q..T...Q..U...Q..R...Q...P...Q...P...Q...T.+.Q...Q...Q.......Q......Q...S...Q.Rich..Q.........................PE..d......_.........." .....................................................................`..............................................M..HL...............@..48...n..................T.......................(.......0............................................text...o........................... ..`.rdata...Z.......\..................@..@.data...x.... ......................@....pdata..48...@...:... ..............@..@.rsrc................Z..............@..@.reloc...............`..............@..B........................................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Location.dll

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1645552
                                                                                                                                                                                                    Entropy (8bit):6.453516525501338
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:49152:IkbrrRuQFClXJLeYyj+LZ1s3yoqKYe+Ok:InQgLz
                                                                                                                                                                                                    MD5:3E8F0D7A97856A7A4FAB71CE11D0C46E
                                                                                                                                                                                                    SHA1:2402EFD8E996DD45F10A42F6D0D5DBA9427D9D57
                                                                                                                                                                                                    SHA-256:E25D5470EBF057743E9A427358AA1F13B661442EDDBD695D20AC421A97E19A40
                                                                                                                                                                                                    SHA-512:C37BB5535906AFAE12D317408E11E91514178B0B74FA08F17D7C7C47963367A4F8768721BF2D156AF2193366DC79630729BBB082F11950C14205521519F3C9F0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......V....o.P.o.P.o.P...P.o.P...Q.o.P...Q.o.P...Q.o.P...Q.o.P...Q.o.P...Q.o.P.o.PTk.P...Q.o.P...Q.o.P..}P.o.P.o.P.o.P...Q.o.PRich.o.P........PE..d....o._.........." ........."......H........................................@............`..............................................u..pm..T................ ..............T#..0G..T....................H..(....G..0................"...........................text...2........................... ..`.rdata...O.......P..................@..@.data...p....P...~...8..............@....pdata... ....... ..................@..@.rsrc...............................@..@.reloc..T#.......$..................@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\bin\Qt5Multimedia.dll

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):746480
                                                                                                                                                                                                    Entropy (8bit):6.260644163524817
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6144:jLIJMPFfMerCs1uXdHbbbboLxywnY9jnvQz5dm9mMhI/p5PQCf3FR19EjqD0jKds:j+MPFfMervUXzYeg/mR4G
                                                                                                                                                                                                    MD5:01DF79071F9DA0B9B7BDA3DB7FDC8809
                                                                                                                                                                                                    SHA1:6944ACC06F8691A27AA0833D29F0389F0E036BF0
                                                                                                                                                                                                    SHA-256:1A59AE2A9FF768AD6BFB888FE3DD2544E238F0B28DA83CF375EBD803CE713DC4
                                                                                                                                                                                                    SHA-512:486D3F93E56AB50E0C9937E3472762946AFDBB28279818D42081F5784F3AF2DF6D55253D4CF4839601058DCEFB5E543144B91B4572BED96CA9926A0A2AFE5711
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........Q..Q..Q..X.&.Y..E...S.....D.....Y.....U.....U.....V..Q.......$.....P...J.P..Q.".P.....P..RichQ..........PE..d...2.._.........." ...............................................................{.....`.................................................@8.......`..............H.......p.......^..T...................P`..(... _..0...............X............................text...R........................... ..`.rdata..............................@..@.data....3.......(...|..............@....pdata.............................@..@.rsrc........`.......,..............@..@.reloc.......p.......2..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\Flip.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1709
                                                                                                                                                                                                    Entropy (8bit):4.799915026290413
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9lz3UECQm8/s:M2aay6E+iCshvSdGvVny9lzkECQm80
                                                                                                                                                                                                    MD5:B8ED6D32EDCB90671AE0A293EDBD08B8
                                                                                                                                                                                                    SHA1:ED7D906F68433049514B111044E33504936D4616
                                                                                                                                                                                                    SHA-256:9CF08837204CC84A8B4FD12B27EF7AF61A00B6A2CDC8A37E3FFF21C49BBAE64B
                                                                                                                                                                                                    SHA-512:7DC93CB7F50BD804105036D58877CBBBCFB197710722797DB21D414AA63B82E0E4D620B7968BC683344777896EFA7103A00323981733B02178F551868B16BD94
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\Fxaa.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2358
                                                                                                                                                                                                    Entropy (8bit):4.707889370378023
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9lzkueUtfhMIqpb1j:Laa8qdOnalzq/
                                                                                                                                                                                                    MD5:A1588486A002590202FE15399C3EF03E
                                                                                                                                                                                                    SHA1:8339D591574356F8BB29C2CBC7B0365481572DDD
                                                                                                                                                                                                    SHA-256:4867F4EF343A90B269473132A217AB01B69C3E819533D711EBB315484AAB2D97
                                                                                                                                                                                                    SHA-512:00D3D5371E88F0734F6C0EC4C6D4946A5E7EB55DB462FA2222B529582BF9811001E54DEDC32FF54C5C2E1FE58BC5EA0E9D6BA0EDC603384C0E68F8E4AEC0A4A5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\GaussianBlur.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2433
                                                                                                                                                                                                    Entropy (8bit):4.718878049526607
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9lzkEcQC6CdRtQqpTMILG:Laa8qdOnibytQqan
                                                                                                                                                                                                    MD5:DFCD8CD4E27DF1197AC3F4D50102E430
                                                                                                                                                                                                    SHA1:017105BE6ADF152B565327358C13161DD2FC1BC2
                                                                                                                                                                                                    SHA-256:4FA125609C3FAAC5938FB8358B3AE004B0645A50FD7001D23F542CF9B9FB4CB7
                                                                                                                                                                                                    SHA-512:D3B67EC0F1CF63CA346EB0D8A2D3B94325C7DB8B9C4DEF4AE68DEBB1B714351D3A35F5E28FACF48D59BD70519F2EEAEA4B209DF6B730A4B7CD5ABD5ED5407F45
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\HDRBloomTonemap.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4952
                                                                                                                                                                                                    Entropy (8bit):4.574667393084756
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9lzkuiQfi2UGQgBTzQ+LC0xaCTNdZIcGWiGWCGbYxnxd:Laa8qdOnaiuiBlgtEI7YXtWrWLWxEjDG
                                                                                                                                                                                                    MD5:D5DCB47BDD1CC70CA4223C51DB8D09C4
                                                                                                                                                                                                    SHA1:E2539CB5B1C4F6C366B20547C6B55655AF4913D1
                                                                                                                                                                                                    SHA-256:EC04E7A38EAAF958FA887DFC6D93F39BAEC5A867326F4EEA113E4A07A2280CA1
                                                                                                                                                                                                    SHA-512:0D58AE204F6EAA57A60E911DEF18CA25C89639A375B5EBA6FC39E2DAC24C6C541A253CBED1725AD01891551269B55BD63339E153FCAB10FC7964C996DF2B82B3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\MotionBlur.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3625
                                                                                                                                                                                                    Entropy (8bit):4.569448410738466
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9lzkuetxnCs8C4h44bMGz0tCGz4TYtdYJ8:Laa8qdOnaGngHB4tL3P
                                                                                                                                                                                                    MD5:B8D06C1DD38ED9B0A9FF7972FC5E8FDF
                                                                                                                                                                                                    SHA1:A34336923125A2A431E4C9B594A568815FF654FB
                                                                                                                                                                                                    SHA-256:A99CF910E8953409A69DBE7DD166885BB680892A4F8A67F92B7323A179CC1D7B
                                                                                                                                                                                                    SHA-512:5D3FAEA2219F9DE776B97D502C9A5877C9E15FCB21CC6D203EA09603DA4D4CB0A248AFB7D202D6B98B1B9539C7D5A6ED20E9850C122137D1D77CF135842DF2AF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\SCurveTonemap.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2315
                                                                                                                                                                                                    Entropy (8bit):4.812087002644841
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9wzkTEYXNe67NJnA36/7xmseK:Laa8qdOnUOst
                                                                                                                                                                                                    MD5:B431393D0D9845458521FD90D8B27C2E
                                                                                                                                                                                                    SHA1:9D6DF6DDE6353E5EA412390F7D85294A9F902796
                                                                                                                                                                                                    SHA-256:3FB073533E77446705DAED838656B38CCF7C7833C91A4B7FC626F8CEA57132D8
                                                                                                                                                                                                    SHA-512:22B6E3AE2B477498C7E8708BDE7EE27CEAB85105C513251D87A6BE6E183800E15321C29203567044719D420DF2AD9A25950A8C0BE8815C5C5EE1BDAC0696675E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\Scatter.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2044
                                                                                                                                                                                                    Entropy (8bit):4.798738085354523
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9lzkA936GRKohH:Laa8qdOnAKs
                                                                                                                                                                                                    MD5:6FEB7C814848E3B7BC2B5DDD27E618CB
                                                                                                                                                                                                    SHA1:57E513762F0FD5300B1D73CBF2E63E5BA517C9E3
                                                                                                                                                                                                    SHA-256:E3A4CB42A3B1E0353A339CAF8D1D5353CD0865D10B29ABF3B03D5A99AF769F15
                                                                                                                                                                                                    SHA-512:AB0F98DADAEF0EB66C7E0F0311FAF8BF3101BCC9D9EBA469B576B6329887638CF9565E2E9B310EF0AABF5D83A2D0A840F7F68EBF16D371AB21C655BBB3FBDE78
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\TiltShift.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3007
                                                                                                                                                                                                    Entropy (8bit):4.693165448047509
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9lzku45UBw9CO8Cqc0Gz/3:Laa8qdOnagIQl7
                                                                                                                                                                                                    MD5:699B6B39A7D06716B15805F125849363
                                                                                                                                                                                                    SHA1:17399EDE2F72CFEFF99BD3A7A02002825A2ACA05
                                                                                                                                                                                                    SHA-256:976CF7D7F32A03D7C4B1094EDBC9E4F2942F4D0605AA6E7EA85F82456F7B2FD1
                                                                                                                                                                                                    SHA-512:ABD40A0B9F413AD6F68442DC42BDE545BC71C9BA905523F483A13210C9B4028264BFC4F3E0850BD3BE7426D30BF52CF134EF5158B921664C301B02F4438A2732
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\Vignette.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1803
                                                                                                                                                                                                    Entropy (8bit):4.825264796540213
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9lz3UYt95fHx/WU:M2aay6E+iCshvSdGvVny9lzkY/5fHxZ
                                                                                                                                                                                                    MD5:DA8EE720861657460C5C7C09D1A8F0B4
                                                                                                                                                                                                    SHA1:5B84CE0EA45C48D784DB9DE7B4E4BCF83A78315C
                                                                                                                                                                                                    SHA-256:6E37478F9914227DE2EAC7094D12E40B83251E1491BB0D42482668A2C9C3BE44
                                                                                                                                                                                                    SHA-512:036CBAFD2D9CF550087B4497A39859BABBAB4F695F7EF3CFD89805FE3D8192A17A9794958C35D52510F0552CCE2EFB4B1F526F3946817D81653CD391ED466CAB
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\AdditiveColorGradientSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2104
                                                                                                                                                                                                    Entropy (8bit):4.746574125289865
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LoO1kCBdO1ZkCBf:Laa8qdOnKFLogBdc5Bf
                                                                                                                                                                                                    MD5:C4259DD7EFEAE9DD33D096FCE19EE88D
                                                                                                                                                                                                    SHA1:BB4C5139BC03490DB66FB6A088EA27B2C7FE724D
                                                                                                                                                                                                    SHA-256:CCBF62975ADAF7F2C1E2AE48654D3BB553BC359DEA4394D67F20A1C95D4DF325
                                                                                                                                                                                                    SHA-512:C70201E8243D04244356860A7C44BF59465B2468C8BB5FE63A3536C346108E6FCC23DF30CE58EAA96489563B48C63B1559EAF5901A2FF10974289265F6F0F8D2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\AdditiveColorGradientSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1539
                                                                                                                                                                                                    Entropy (8bit):4.800824421539057
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7YLGXy:M2aay6E+iCshvSdGvVny9tm05Ldi
                                                                                                                                                                                                    MD5:923A93362DE96B354D8785FE34C1D06C
                                                                                                                                                                                                    SHA1:33398B1F8398D55781F0F3CEF8EE5E04D9F89078
                                                                                                                                                                                                    SHA-256:E083FCB98F6B3AA43007C35A72D0BAA3778BEE092F51E79851721ED444CB34ED
                                                                                                                                                                                                    SHA-512:78F2AEA0C996F8FB7FE1EAE323A8E798B2144D47612431DA86AC39F48C9DCA375F94AA37398B7F260A788A6D87F5772A98A8733D2B15BC5F8694DE6DAB5BA402
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\BlurSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2057
                                                                                                                                                                                                    Entropy (8bit):4.6512392453906495
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LRLyxaHYmz:Laa8qdOnKFLRLyQFz
                                                                                                                                                                                                    MD5:9537476F40DFC84D6A877DEFBCCFC1A3
                                                                                                                                                                                                    SHA1:BA2B655F680B860D2E14BCA55E5396DBA22060D8
                                                                                                                                                                                                    SHA-256:2743C34358466337D98F0A631D05DAD6C3B084696EEF103586D0163CC9D469CD
                                                                                                                                                                                                    SHA-512:535EF1A1480A0A76FE7E115F58BE13C77D31490A83717B60231B24DBEFF60A198BD483C0C3FA272495DAA3C29E9E946E14CE86388BB6A35E39900C438E4FC2A6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\BlurSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1522
                                                                                                                                                                                                    Entropy (8bit):4.79833169400743
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7dXy:M2aay6E+iCshvSdGvVny9tm05Ldi
                                                                                                                                                                                                    MD5:40D31201324BBD3A4E2B899090405880
                                                                                                                                                                                                    SHA1:F50C44268412AEE6DC4DCB5826122712476A51C3
                                                                                                                                                                                                    SHA-256:77F2FDE62F4ABE65F81669FC58BD0B6FD88618EAA2FF4BD119225567B1D3DD31
                                                                                                                                                                                                    SHA-512:7C619833F79DE9A4B8D73DCFC4DCBF5A440A291164BD917F9A2D160B0B8F4D4FCB978E5109237380D285270063A980A119DA601C5E4EC2F90D219D81CC4FB446
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\BrushStrokesSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3522
                                                                                                                                                                                                    Entropy (8bit):4.357425528955801
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LyLZspDDfgLxA9AeRaHYzDRaHvcqqcpyaHwnqIz:Laa8qdOnKFLyLSpgLGiewADw2sKz
                                                                                                                                                                                                    MD5:F91855A634FE01B962B8F71E651DD355
                                                                                                                                                                                                    SHA1:690F5618244F28C9EBBDD894BD2E2DD9EDC26BCE
                                                                                                                                                                                                    SHA-256:AD25482C90B8BFEA45B03C326D9FAA88B1D3D052B37645DFF8FB59C883500BD1
                                                                                                                                                                                                    SHA-512:CADBE41B548D1FCC25916F21F4684234E4B92C327B26B2E1131BE1348B7F462744516987A1CFADE242756C530A3F8A1FCD39616A42CC99025EFD076A2EB752BF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\BrushStrokesSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1530
                                                                                                                                                                                                    Entropy (8bit):4.801929096715566
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7Ig+yXy:M2aay6E+iCshvSdGvVny9tm05LDRi
                                                                                                                                                                                                    MD5:9F26317AC61C69E39D687841C2319FEE
                                                                                                                                                                                                    SHA1:65143DD3767841F8FF43EA2DBD11153851D35609
                                                                                                                                                                                                    SHA-256:59D5F99959EDFB5331AE5655C2DDD4DD85DD8136EF40ABCC3CBEAF8D63D57E5F
                                                                                                                                                                                                    SHA-512:03945465FF7D2B0972D3709604C28559961A7A2BDEAD215DC4727E1452AC981CB52355658095ED3B45AAD50C338F4AFCB75AA9517B1F0115698DDF03C3B31CE0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\ChromaticAberrationSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3115
                                                                                                                                                                                                    Entropy (8bit):4.466751803011135
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LcLcsqf7/LUNaHq9qHgUNaH0nsqD6z:Laa8qdOnKFLcLBw7/LUk9gUkBz
                                                                                                                                                                                                    MD5:7D09739BDA995ACB7A99238D21BFE655
                                                                                                                                                                                                    SHA1:41C7BFF919E302AFB6190C23078A1C451E047A68
                                                                                                                                                                                                    SHA-256:77F856FFFF9D3700CE67E2B46808795466696CC938FCE3BC9FEAF15F65E02405
                                                                                                                                                                                                    SHA-512:439ADC24C2FCB77758F2B08FCA7E5945976A523A5642AE1C2B5C992ECA6895853254BEDB16DF2D500F362E4A4B243481D9AB4D5EF795619CB72BE8FEA8604F93
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\ChromaticAberrationSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1537
                                                                                                                                                                                                    Entropy (8bit):4.799298907428088
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7eGXy:M2aay6E+iCshvSdGvVny9tm05LeGi
                                                                                                                                                                                                    MD5:C60DA88FFF4898D7302711D6830515D3
                                                                                                                                                                                                    SHA1:9EF87D101E189DAD3F77215BB57322842D6C988A
                                                                                                                                                                                                    SHA-256:41ACA92160D6EE1FDC3B930DFA5EFC5EC83CDDBE764C4270B51821A6E2A45A57
                                                                                                                                                                                                    SHA-512:405F64B2AA7C2804644581B4796293D1ADD6E02D642644E5CCED3FF011D69EAAAFB0F6070E066123C341BED73A1DC0D39D76E197E37515106EAB911F0D603851
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\ColorMasterSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3480
                                                                                                                                                                                                    Entropy (8bit):4.285181433179726
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LgvLEaHvZjaHvF1aHv+ZEaHAz:Laa8qdOnKFL0LvB2dsmtAz
                                                                                                                                                                                                    MD5:13E49A2E0B769A8F4023774BF7024DDA
                                                                                                                                                                                                    SHA1:145CA40977A4966F4C40F5A1926E6E31E06C4F47
                                                                                                                                                                                                    SHA-256:9740D69ECD3BEC3204C88639CF5159C841DE2A630BE491B2F08B08C7495D0DD8
                                                                                                                                                                                                    SHA-512:D66334B1DAA3EA57B8B69D06FA81A9F2AC0CF7CA3BCF40179BB41CDD348B798FFB6EAE8BACFC4881AB86BB54BC6D09D80ACADC8BDCA0DDD00E8E07E14BF78759
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\ColorMasterSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1529
                                                                                                                                                                                                    Entropy (8bit):4.799407736066554
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7DXy:M2aay6E+iCshvSdGvVny9tm05LDi
                                                                                                                                                                                                    MD5:0A2F7111BC8B8070CC6DAE2AD10171D3
                                                                                                                                                                                                    SHA1:612F8F1F40603A9F529D1E7D54ADFB8263A20855
                                                                                                                                                                                                    SHA-256:8097B1E011AE76221C36C9D4F95BD6A4B1D9B2591DF5C74DDD4A6CF1119A2C5A
                                                                                                                                                                                                    SHA-512:36F90E55A9FFAC4496F7BA78D5633E88F338A3AFB8B0B379DB84A68A20AD0CA24EF47D6BEE827B05F24BCB7C0A0AA47EF82790D6FFFA94A4B49E032E48D53BC7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\DepthOfFieldHQBlurSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2926
                                                                                                                                                                                                    Entropy (8bit):4.43207626937159
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LRL3xaHOnn25xaHGnqDgQVxaHGnqD+z:Laa8qdOnKFLRL3QMCQgQVQ+z
                                                                                                                                                                                                    MD5:2C5CD29E1C9A38CF7DCAB358EA97AC67
                                                                                                                                                                                                    SHA1:F63402F27064BA334E9C279C480DA750DFDFF87F
                                                                                                                                                                                                    SHA-256:25EB30D81009BAC3EE9E54972170FA51604BBF26B096701182B0A29F0C91B93E
                                                                                                                                                                                                    SHA-512:DD1936E2A3575FE498203A5D7F7D3968F6264D531AE64C630103351082B6282D648A6259E54AC0489FC996E4FD1361D1D0173BCEF42936F7EB517656CA1AA26C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\DepthOfFieldHQBlurSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1536
                                                                                                                                                                                                    Entropy (8bit):4.813624160047879
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7UXy:M2aay6E+iCshvSdGvVny9tm05LUi
                                                                                                                                                                                                    MD5:9A16842CC5F0FEF74A82268C12773113
                                                                                                                                                                                                    SHA1:4F38B627E25AB5EE68B65668EE578AAD0116266A
                                                                                                                                                                                                    SHA-256:48B683F1B0B2BC74C0653FEE4E1C3569D198923151C954A34E66225B13763F2D
                                                                                                                                                                                                    SHA-512:185986F0A4C3FB32318896957079DCE8FBF70263C7437B13F28CA104B05796635D2AA63E12187D6295572BC445422B8EEFC3D45796BF6068EAF95E817CEB7C59
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\DesaturateSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2067
                                                                                                                                                                                                    Entropy (8bit):4.6466344726526145
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LaLBaHAz:Laa8qdOnKFLaLgAz
                                                                                                                                                                                                    MD5:BD2EAA68C817F1BCC47EC70D8F40923C
                                                                                                                                                                                                    SHA1:7EAD92CFDC9379CA2561BBA712C3675481B2A6FB
                                                                                                                                                                                                    SHA-256:AFC6214773B96050522D6418DFC0BF2D4B8C07D5B4A1640D0E4EEB130749FEA5
                                                                                                                                                                                                    SHA-512:3726B7CF51B850B93AF9F5C755B30680D785B44765B7BBAC6A809B51373FA5F83D0DAA415A5CC9306DA5A54DA1CFFC17DDE47C524D7569BD5DA6CDC3B54FB23E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\DesaturateSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1528
                                                                                                                                                                                                    Entropy (8bit):4.795103453843901
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7MXy:M2aay6E+iCshvSdGvVny9tm05LMi
                                                                                                                                                                                                    MD5:E2DE29F988FD7C925E0E50FB38883F87
                                                                                                                                                                                                    SHA1:3F883FE6A7F95A541F326EA9A418847D0C71D18A
                                                                                                                                                                                                    SHA-256:C484B6BB4601439FCEA96641267ACA7F543745B25316D5DDA61EE8F219271189
                                                                                                                                                                                                    SHA-512:22C8F5F871AC6044280152B346F4404413CA867DEDF64DC4C45739503261EE75CBB6F3C66153590EA02E79FF0E1ECEAF13B4E163C1D52BDF7E79D39F158C31EF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\DistortionRippleSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5054
                                                                                                                                                                                                    Entropy (8bit):4.171506524669465
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:Laa8qdOnKFL3nLWZnE/F5zbpOmb+wXb25F:La7qvgETnUm7AF
                                                                                                                                                                                                    MD5:79315DEC3AFACE1C12AC78EB79494017
                                                                                                                                                                                                    SHA1:53CDCEBBC0B95BBD2FC8885FD0E1BDA922854CAE
                                                                                                                                                                                                    SHA-256:790B7B2475E7F9B33034006E31AE38EFF40AE56586E740C4A9700D5DE66506C3
                                                                                                                                                                                                    SHA-512:8E29DFDCDA6DA212526951661AE332352DD1046C967FD565CA4025CB14B608EBEE0AB75DA3E5D6E12BCDA78526FAD06B626731695B437225F1B4235319CCF5DD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\DistortionRippleSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1534
                                                                                                                                                                                                    Entropy (8bit):4.80012610963183
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7c/MOGXy:M2aay6E+iCshvSdGvVny9tm05Lc/Ai
                                                                                                                                                                                                    MD5:DF3244126B2143C024D85181FDBA7F4D
                                                                                                                                                                                                    SHA1:48CD3532EE3BE14C8E5F0103DA022ADE3D8514C6
                                                                                                                                                                                                    SHA-256:CF4819104E6308217E07E6A2A756C86E44E04DCFCCB106DF7CE6ACBB496A8B78
                                                                                                                                                                                                    SHA-512:AA3BFD0E55059BF3986EA15F4BB27C4658131A4D207E08D2460791EA049A186224C0D677610FBC524AC8AC8ABB987EF38A69FC848E5DB157B5B2BD9C97724E72
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\DistortionSphereSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4231
                                                                                                                                                                                                    Entropy (8bit):4.266633518821681
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05L3nLDaHuFUaHy5lAEi2Ymb7yHuRXbuHu8hF:Laa8qdOnKFL3nLWK/y5pOmb+wXb25F
                                                                                                                                                                                                    MD5:B31BEB88F5C88E944E26D3BCB87881E5
                                                                                                                                                                                                    SHA1:3FB7FC6BFD3F53A1594BD177554C12F51DF217F9
                                                                                                                                                                                                    SHA-256:3512EAFB9E4B023A44EB12EC53A80B8D2E4A90A98DB89B0DE7BAD314D15C4FD6
                                                                                                                                                                                                    SHA-512:52D91AF0AE3A9AA3F14B7C28AECBB6B9F8BE4E5151283C2CF7C1CE1C2439CA06FAC98BE89CA38D57ABF7200F1D214DE656F415C863349A70D8E3F3E9AF1740D6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\DistortionSphereSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1534
                                                                                                                                                                                                    Entropy (8bit):4.796470957927611
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7c2KXy:M2aay6E+iCshvSdGvVny9tm05Lc2Ki
                                                                                                                                                                                                    MD5:87696A6A7D47BDEAB1D31BD54AEC7450
                                                                                                                                                                                                    SHA1:83F7F7FA373452DF32CADFF9E585E4C2BB6ED331
                                                                                                                                                                                                    SHA-256:457D46AD9510D9E8B501CFF96906374089D7B883748EF4A8BCAB84D7AEDFDFF6
                                                                                                                                                                                                    SHA-512:0132653484BB409B627739F0F0AB1A2A6FD97736577BE6CC7F2C1CD7EF01DF594B7602AA102CC5B15CC2623B89D065A66500D8E2801078799B1D178B9A8C8002
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\DistortionSpiralSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4204
                                                                                                                                                                                                    Entropy (8bit):4.274531996244904
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05L3nLDaHuFgaHyd4lAEi2Ymb7yHuRXbuHu8hF:Laa8qdOnKFL3nLWKD1pOmb+wXb25F
                                                                                                                                                                                                    MD5:F8BD81AD65364F919BF2E8B84600DA51
                                                                                                                                                                                                    SHA1:ED1549ED3DB4F8B76399BC759B1077D03A38B19D
                                                                                                                                                                                                    SHA-256:82D094BAD2AD474ABCC0B2A6E9F47F086E051C45589C4A50CB4B074AD4BE43B4
                                                                                                                                                                                                    SHA-512:CE54699BF830BB4997437DA86F6DC531BB3292CEE887722B3B3D3720FFE5C4C5797AC2D103A67219480E20C0977C8A3D45D47E2AA638FD977B40349F21FB9871
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\DistortionSpiralSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1534
                                                                                                                                                                                                    Entropy (8bit):4.797416705697905
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7ctXy:M2aay6E+iCshvSdGvVny9tm05Lcti
                                                                                                                                                                                                    MD5:06B7213C24EF67375812B29C9C8DFD17
                                                                                                                                                                                                    SHA1:E7A31D72D006F9B8680FA37E080847E7B977903F
                                                                                                                                                                                                    SHA-256:385E161D223E3E8CC7ECE315358B7797B8541F6B4CB27E839F49C1B6B7858CE3
                                                                                                                                                                                                    SHA-512:892216CD5C5A2C04604F881F463D76832DE316D215B1EA71891C328DDB508C3B0D87DEB27607D229E5A74EBFD3F0825B1F4C8A5DBBB150FFEE6C63AD2FBBE3FD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\EdgeDetectSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2062
                                                                                                                                                                                                    Entropy (8bit):4.645228489303386
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LZLxaHubz:Laa8qdOnKFLZLQ0z
                                                                                                                                                                                                    MD5:E7E03551D902EA271694F936A8E2F0C9
                                                                                                                                                                                                    SHA1:2FB0CBB8B35D44F88ACB622136D6D582B4132B00
                                                                                                                                                                                                    SHA-256:E10EE0182482194C5E42E066E2DEFD6CD676EA6A28264B6E11980510D59AF0D4
                                                                                                                                                                                                    SHA-512:8A94972E14776235726F17F45EB219FED0021C1F4564FA47C261DEAB40CEEDE7912CC980F5C796843C75D83AE78799E6DE425174C6C53ADB2D9D1E0C3C5594B0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\EdgeDetectSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1528
                                                                                                                                                                                                    Entropy (8bit):4.7971248862000975
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7UXy:M2aay6E+iCshvSdGvVny9tm05LUi
                                                                                                                                                                                                    MD5:FC7CB5791C03CEBC60CD1B777EBFA2A6
                                                                                                                                                                                                    SHA1:E79353F50AC2EB3E3F05BA6ABE7B3F5F7DE820E8
                                                                                                                                                                                                    SHA-256:FEB82D8909583F91788163B81792E3BA4209048D11E7D2991AB551B8936206A0
                                                                                                                                                                                                    SHA-512:3602F7A218ADDDA5D199C6097BA2EB1C5C00F56A48A05AC0A3FF8B676C04B27069D9CD8F6D514ABB2D62E025ABF57B565134009CA3F9AC7F637360238E3BA480
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\EffectSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2203
                                                                                                                                                                                                    Entropy (8bit):4.799215764007693
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9tm0RL+8pOui2+Xh+T+p:Laa8qdOnKlLs5N
                                                                                                                                                                                                    MD5:34EF33B304059754D056FCF8427AC959
                                                                                                                                                                                                    SHA1:C4A7286FD68B8833B5B97C88305E00AD81E43102
                                                                                                                                                                                                    SHA-256:54A4BA7624C86EBDC683913B213CC437B078953F4FC1A3DFBDF97718AB7D20E6
                                                                                                                                                                                                    SHA-512:F1AAFD50251CF4F323416A0759A2E4D453499AE003CF096C7AEE1A907A603D9699013F756AECCEF4D54E14593769D22CE7712E31784C9BFBBBBB9C415CC5428C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\EffectSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1524
                                                                                                                                                                                                    Entropy (8bit):4.796886961330271
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7ZXy:M2aay6E+iCshvSdGvVny9tm05LZi
                                                                                                                                                                                                    MD5:02BCF94269A210F9E369FC6E5E265E3A
                                                                                                                                                                                                    SHA1:8BC35F91B7E4B390F9FBB638155259565654F2DC
                                                                                                                                                                                                    SHA-256:03EDB0273A36D35CC5477B88E3A1DDFF98741CD8FB45F4EBD62FB10D3BB300AB
                                                                                                                                                                                                    SHA-512:51EF3B1E8E06A761E7B7A283164C35D57B6F78BFB9050EE22DB24CF34E2771699CA9C3BDD5EC5830CED014F9082BE7D8E7559882C1B99180C4FEE69307387E05
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\EmbossSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2063
                                                                                                                                                                                                    Entropy (8bit):4.656271137063214
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LzL/F+aH05z:Laa8qdOnKFLzL/fwz
                                                                                                                                                                                                    MD5:58A7CAED5E43C81A69432BB99E09D859
                                                                                                                                                                                                    SHA1:0DAF916A7A256AB127AF6CD892831B11847B4930
                                                                                                                                                                                                    SHA-256:D12F9507248557699E52494BEF7E4590A8A1E601BDC73D76F935C2DABA9CC733
                                                                                                                                                                                                    SHA-512:AC371ADC4CC079C48E526641FC5BD30E0BD9C3C8F8B0C967253B7C034A85524F22650FEC640B4F094297A6DE519638B1C8F3EE176D934AF2567D2596A572F800
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\EmbossSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1524
                                                                                                                                                                                                    Entropy (8bit):4.797997058019242
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7zXy:M2aay6E+iCshvSdGvVny9tm05Lzi
                                                                                                                                                                                                    MD5:4C1C7EA3EA0C7C89108B0A9685D63D03
                                                                                                                                                                                                    SHA1:09A362F6B1D68DDD367D0C1E77F25E99E388D479
                                                                                                                                                                                                    SHA-256:FFC83285E8B1C5A04C8F494C58F11BA62DDDAC984D57B4FA329135DC6F1A8C86
                                                                                                                                                                                                    SHA-512:67A343694B0EDE377EBB78B54C255A2F77798A971960E0091F0A73005691217B590C6481FC1701A313E502D577575A0A7D59FB154AF420D59C3C1835459FBC3F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\FlipSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2397
                                                                                                                                                                                                    Entropy (8bit):4.6316950448104794
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LLLlcOAkpuISz:Laa8qdOnKFLLLlNAkplSz
                                                                                                                                                                                                    MD5:941A50E4034E0D719751CC204EE0F625
                                                                                                                                                                                                    SHA1:92C9BEC6ACFE966CBEB6D6769C7CBDAB065F4CD0
                                                                                                                                                                                                    SHA-256:A8485BA282788C04259C6431B815468E469DF4F8FC8CC4C4A577626DDC51AE58
                                                                                                                                                                                                    SHA-512:28A55F4E2C2C5BCF63E82A6C4CEB9853F1AAC29AA416972D44AD2CC427E8B14BEC0B7E7A26034908579C0FAB38A82423C7789DB634968B9036ED6F2A39F12EE1
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\FlipSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1522
                                                                                                                                                                                                    Entropy (8bit):4.796507643516898
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7LXy:M2aay6E+iCshvSdGvVny9tm05LLi
                                                                                                                                                                                                    MD5:26BCCDEDABFB4F67ED155ED9A37B155B
                                                                                                                                                                                                    SHA1:3B07A2D99E6B1DF48DF507FB0EAC383E8981BD0B
                                                                                                                                                                                                    SHA-256:0EF96714EBFEDDD6B539EEF948EED0793CCF4DEDB9151F041FE70555D3DD2D26
                                                                                                                                                                                                    SHA-512:9E48919BBEA5F8A08774BA31AB2238613AA521601F26ADAC474EE263497F9BD5E7E43C1155A4F63BEDD9134E50C6918A6543317DFFAAFEF6FA2970ADF9E909C6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\FxaaSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1516
                                                                                                                                                                                                    Entropy (8bit):4.802421585653045
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7My:M2aay6E+iCshvSdGvVny9tm05LMy
                                                                                                                                                                                                    MD5:706B09EC616FC9AFD139949C7EDF885B
                                                                                                                                                                                                    SHA1:60F92C2F85369842FC86D7BC0FFD01AE1C09F863
                                                                                                                                                                                                    SHA-256:190AF9AE69CA648A43DA355C675823154E2F2E2AF96B1232A74BE30877A9B341
                                                                                                                                                                                                    SHA-512:4DC676D286602B3D696CD7A54B115E5B35902C7B9721D19FBD98A45FDD70DE66814604516EE2752BBD8A84B0F521E43AEC10BFE70FEFDF287E194991CF790C35
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\FxaaSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1522
                                                                                                                                                                                                    Entropy (8bit):4.800552959170186
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7/GXy:M2aay6E+iCshvSdGvVny9tm05L/Gi
                                                                                                                                                                                                    MD5:1AECC95838F1690BE917AD843DCFD2BC
                                                                                                                                                                                                    SHA1:027989B071FADD997C40098B2BC1B68B9706AF26
                                                                                                                                                                                                    SHA-256:B18D3D35C64F111D1B4799541F92885CFF672B5073EE043399781345093EEDDC
                                                                                                                                                                                                    SHA-512:031F02AABBFC0D788EF20B57D8DB904DD5198783CEE81FCF27FC819FBA27D07A30C33D13639A8859E6454C345D482D310B9C1745A7BEE0187D9FCD942FB8032E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\GaussianBlurSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2020
                                                                                                                                                                                                    Entropy (8bit):4.662458007133559
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LRLyxaHynyz:Laa8qdOnKFLRLyQZz
                                                                                                                                                                                                    MD5:AD44E0EC4C218ABD61C33BFB38BEA5EA
                                                                                                                                                                                                    SHA1:58F89631C7DCF421C578A0C13DA5A04589721E14
                                                                                                                                                                                                    SHA-256:1CB5D97801323B9DF01F0980D78CBDECCEDB898761FBBAD6C62CF637BC736626
                                                                                                                                                                                                    SHA-512:9F8C3BD1B35C7EAEFB3BCBAB73B376B1164862285A27B6E504D895169A9CDF69483F23EA1E7E3A8356242193D08082793BE21CB4052B6725E5407FDC801A3EB4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\GaussianBlurSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1530
                                                                                                                                                                                                    Entropy (8bit):4.800517581970065
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7IXy:M2aay6E+iCshvSdGvVny9tm05LIi
                                                                                                                                                                                                    MD5:6F44C45F9BAECCD62FD40F651743C07D
                                                                                                                                                                                                    SHA1:10A395D18AE2C419F1F2222BCB1438FAD19FF420
                                                                                                                                                                                                    SHA-256:08EB05CFA7CA4C280E8585253FDFCEBA3237B6114BAD2AC3396667114560C1E1
                                                                                                                                                                                                    SHA-512:7576C186B33C8283735ABB9BA415D3E99FB5CB1E88309A2E00008DD9C5D95C79BF1D9A3EFE9A6B4D31373CE332AFBD35625361FB383ABFEE8B6181EE446C2A58
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\HDRBloomTonemapSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4425
                                                                                                                                                                                                    Entropy (8bit):4.180012906218248
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LqLjaHPWaHquaHyn9WJaHuo/aHuk3aHuMz:Laa8qdOnKFLqL2P9q18tl6/S/z
                                                                                                                                                                                                    MD5:6130D832345113287828800AA23749A0
                                                                                                                                                                                                    SHA1:C4827F1A0CF1022B4DAF60F01A8436DEFD15FB74
                                                                                                                                                                                                    SHA-256:5CDA2C2985CE3CDDDB8ADBB4F8694483E90FE55A0E60B2525C0F43CB92584C06
                                                                                                                                                                                                    SHA-512:B9330C37C91A778A3507078E439601433CE17F9AD26A5591F2D7FA79D9E790C02F89A15C2EB52438F7330806CEFDED1884627D682A6C270E84B5FEA5C5770E4A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\HDRBloomTonemapSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1533
                                                                                                                                                                                                    Entropy (8bit):4.811364401959752
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X77Xy:M2aay6E+iCshvSdGvVny9tm05L7i
                                                                                                                                                                                                    MD5:885D6AF7C00858154B1B3FBC66FE0D85
                                                                                                                                                                                                    SHA1:B14D881F0D94AF10B72DBD00B566FF032A50C095
                                                                                                                                                                                                    SHA-256:BFD09DBE509B5DC978529EDB1E622603F1CF6D3AB50B37A61A9A3BFC8576E25B
                                                                                                                                                                                                    SHA-512:AD35ECD41B9815A05AA07A53E990A3B87FB733F90D497C875BDD69CB894A23B70EBEA522718826EBB81677DB00E56D1E106B4557D8B915BF79F0D15FA44CCDA9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\IdComboBox.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4199
                                                                                                                                                                                                    Entropy (8bit):4.852032840427181
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:Laa8qdOnqeEHUudpvCGFX31wdTyV5aCKy:La7q3eEHBdpKGFX31wdGV5aC3
                                                                                                                                                                                                    MD5:A75D8AEC7049D08E9CF5CEC2B914B3AA
                                                                                                                                                                                                    SHA1:E619CCB766E6E8C69AE8B3D034B94BC5AA08A994
                                                                                                                                                                                                    SHA-256:1BCC0CDE97EDFC72B8B70666A7A9D73FDFE071DBCC35DCD5C717C047CB08CDD8
                                                                                                                                                                                                    SHA-512:C74E7FBF65D011C6887B1F0324EBFA8FDD63A7F5F15C45F4B86EA18A032C244896E16135A9273D818A71D6DA4EA889A5CE1CF044E33AB2D37616928F01EF412F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\MotionBlurSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2559
                                                                                                                                                                                                    Entropy (8bit):4.513942438311344
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LRLeqaHuN8aHXz:Laa8qdOnKFLRLeJ+HXz
                                                                                                                                                                                                    MD5:23FFCB6E0046733CAFD61353423B0E3E
                                                                                                                                                                                                    SHA1:10C9FE75441DACBF7732F8E5C3F8396D55B3CEFA
                                                                                                                                                                                                    SHA-256:080D6BB77C242750E06D0704F82B10DAAD3EAC6E635FC9F00AA7D36500BBFB28
                                                                                                                                                                                                    SHA-512:104B95F0EF263B0CE87B99A54E76ACCB693D0A3DA43A4AFC5E688D5E4EE9BB234AD0C7A8A9EB08A91E0D6622B7A14B563B060730068D7CD9EF658FEB144DE2B0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\MotionBlurSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1528
                                                                                                                                                                                                    Entropy (8bit):4.801944450687001
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7nXy:M2aay6E+iCshvSdGvVny9tm05Lni
                                                                                                                                                                                                    MD5:77E1A15FD3CE3EFFC123BAFA19345F26
                                                                                                                                                                                                    SHA1:56A33CBEC1F64E9AC2798D2ED5C042EE9F505A32
                                                                                                                                                                                                    SHA-256:D614FB0EA64DADF18B28C2D748DA52502D0DA607B797C1516EAB24573E7A2048
                                                                                                                                                                                                    SHA-512:D664E845DC75E6548419D3DB0760E2129EF27534460C69A0B3C5967ACDC9439BB86C28E47299FCAFADFBF879827CBCCB6E983FCD11E8C92415EF43A431EAE317
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\SCurveTonemapSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6483
                                                                                                                                                                                                    Entropy (8bit):4.02021052149046
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:Laa8qdOnKFL3L/yCjWjuCZjeMdLQQAvdiAhrICt8Ahz:La7qvgCjW6WjRF2hh8AHhz
                                                                                                                                                                                                    MD5:9EB41837424820725271649B98F1D508
                                                                                                                                                                                                    SHA1:AD1E17A0A4EE38D5181906F54399C69F0FFC0278
                                                                                                                                                                                                    SHA-256:7CE2EC1603700D94E0462ACB612D284B33D489632102E41996E3E370EB7FF0A9
                                                                                                                                                                                                    SHA-512:1042D0087AFA5C5547A0663FDF98EEE0D8F3ECC59E4C5715585367A4CE42F056B462653FF45163BDD3B5B2EAB541F97FA66F81117E1ADF22D3661038FD006112
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\SCurveTonemapSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1531
                                                                                                                                                                                                    Entropy (8bit):4.801836764017511
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7GXy:M2aay6E+iCshvSdGvVny9tm05LGi
                                                                                                                                                                                                    MD5:C8D4DEBD9694E39063E99453801165AC
                                                                                                                                                                                                    SHA1:DEF786A007C50B2236C63F163F3EF175BB264A7C
                                                                                                                                                                                                    SHA-256:EA6C0B8867DE3009D21E89624FA43A43BA014E56FF94704401D0C3A2DE1FFCA8
                                                                                                                                                                                                    SHA-512:CFF6648A8956555841A13EDBCEFD151F983631AE2FFE1A54804E394DB5E6AEF1F7382FEAC862B283167F001EEF0CF5E663763FE592C21C9759232FCDED96632D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\ScatterSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3506
                                                                                                                                                                                                    Entropy (8bit):4.4038796070839155
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LyLZspDDf6LTaH1PyRaHvqmC3Nz:Laa8qdOnKFLyLSp6Lm0wrcNz
                                                                                                                                                                                                    MD5:F5EB46F48824E87ABFE2DBD27152EB03
                                                                                                                                                                                                    SHA1:B238FCEC3253E3EFB8B94DE5EECB970B5E336180
                                                                                                                                                                                                    SHA-256:158EA43775ECD856F039FCB3DF351DAA61C590FDBCFE70F27DBAB80F04848310
                                                                                                                                                                                                    SHA-512:593B88EF3D40CCE86CFADCB937D26961406BC345D177337F63437386FABE0E5F78BCEDB46A0452BED056202661D7A5B07012A0C0E7388A806AD024B2C19F920B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\ScatterSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1525
                                                                                                                                                                                                    Entropy (8bit):4.794533743973527
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X76Xy:M2aay6E+iCshvSdGvVny9tm05L6i
                                                                                                                                                                                                    MD5:97C32B1B63F3312136C67A43EF8B0314
                                                                                                                                                                                                    SHA1:103023C3E6E00D07809D583FE056AB2C95880E4B
                                                                                                                                                                                                    SHA-256:FF3D840784B995FBC1ABAFFF6370CE34BF602D075094C3A8D3FA7FEC720EA460
                                                                                                                                                                                                    SHA-512:5CE0745CDAA986000A0E79A58C033D465A141E2C0853E77BD0791DB31145A4CF0F8D2ED74E08AD21CB696E92B08CFDD5D39432C21C2975B6B68B105ED0891CAE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\TiltShiftSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3827
                                                                                                                                                                                                    Entropy (8bit):4.295638047758827
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LjLfaHunkqOkaHunX+aHynnkpla4SrFnJz:Laa8qdOnKFLjLaRq2kFwkplFSrxJz
                                                                                                                                                                                                    MD5:DE412A0F2E97054924E933DEF5B77022
                                                                                                                                                                                                    SHA1:D510D4DF6F1C7AD7B03A6192A657BB9C8A099FE8
                                                                                                                                                                                                    SHA-256:BE050EDAD2F59ACC87D04E94FEEB805AF73F249DF25B05C2C000BE1EE9C79534
                                                                                                                                                                                                    SHA-512:2E409DE325D6C24D060FFD9371B47E5463A5AB1E34982E6BD39678D3735C25CDE1CC4456572857FB9567F7660E25FA119E33943CFE1A1E30CB81A59E5F69F7BA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\TiltShiftSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1527
                                                                                                                                                                                                    Entropy (8bit):4.798028377851742
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7ltXy:M2aay6E+iCshvSdGvVny9tm05LLi
                                                                                                                                                                                                    MD5:2674E1C3FE2280E11BA4306A65ECEBA1
                                                                                                                                                                                                    SHA1:C9CC0AD3F5C12D403EB4D4636FBBF3FB3B854578
                                                                                                                                                                                                    SHA-256:AD11E1EFDAA70100DCDB8EFE77B64E735DB83A84CEC65F13C34C68A3CF2FE94A
                                                                                                                                                                                                    SHA-512:7772F04D14DD7B1018A4F7FC66BB0F2985912E77AF5EE24575491C73F8258E67D8276F68485D3F66D763A5492812F5E20F3FE1D0D9394452900DE14AF43D6905
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\VignetteSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2840
                                                                                                                                                                                                    Entropy (8bit):4.500635452028733
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LOLVaHrPtczaHajZGfOvkCBf:Laa8qdOnKFLOLMJcGEU+Bf
                                                                                                                                                                                                    MD5:B3D8D466EBC3FCFB3B11D1087F8E1622
                                                                                                                                                                                                    SHA1:204B98B280FF257286B39B53AEF1F6D1E943A9D4
                                                                                                                                                                                                    SHA-256:FA4D85CB8455C1DE699673A48184E11CCB5E950E3F90A0524F48896FC9EE8C3C
                                                                                                                                                                                                    SHA-512:355F7E1AF42D4B9C94E1A53C01A94D2A04AC8BCAAF9086155CDCAD5071FD449A028DFFE2E58BB6EE5757EE701115E7BED4D526E321920536B3C183942211B9C1
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\VignetteSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1526
                                                                                                                                                                                                    Entropy (8bit):4.796712198062553
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7o9tXy:M2aay6E+iCshvSdGvVny9tm05Lo9ti
                                                                                                                                                                                                    MD5:01D8E0F2C4B6CA5ECCA82939CB16C075
                                                                                                                                                                                                    SHA1:9E362446D78F3E11AF7DD697D0880097EDB61C99
                                                                                                                                                                                                    SHA-256:88772D6229BC2BB164FA28F392F07E1B63F65A604CCC1EF6CC6A9B060DC1C1BD
                                                                                                                                                                                                    SHA-512:C98F849CA1956EF2B1DB18D019E8A6D88708A2BC82817D280FE091BDDDC7C1394F09B86EF3ACFADB65FB2367F74EF901C6D4B2DC38F2BE86C3E082CF37F48DC2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\effectlib.metainfo

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):12027
                                                                                                                                                                                                    Entropy (8bit):4.261599945977872
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:aFzWFkWCFkAPiFpxyFFDF+jFWaFNzFgTF4LFkYFxkFRBFoj3FciFdcFhPFSPFail:YYguTz
                                                                                                                                                                                                    MD5:1A48C5F05BFB8EA1615B8A19D0CAD943
                                                                                                                                                                                                    SHA1:C041BA1B37BEB4F717B9717FD6BC09CF3D1FD72F
                                                                                                                                                                                                    SHA-256:3BA0EC8A7995C116B5E7D01C87487D9B85F856E9CD6DC9BF6394883D35905F3B
                                                                                                                                                                                                    SHA-512:BEEADD5D7224153C4A6E83B796485D0261C7B468F50A119B4D9163E5CDA6C4FC53C63B3E2B84B5AE67B9736F2B28189BB5195862AC8B4F6B8D781A1E14F72872
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:MetaInfo {.. Type {.. name: "QtQuick3D.Effects.AdditiveColorGradient".. icon: "images/effect16.png".... Hints {.. visibleInNavigator: true.. canBeDroppedInNavigator: true.. canBeDroppedInFormEditor: false.. canBeDroppedInView3D: false.. }.... ItemLibraryEntry {.. name: "Additive Color Gradient".. category: "Qt Quick 3D Effects".. libraryIcon: "images/effect.png".. version: "1.15".. requiredImport: "QtQuick3D.Effects".. }.. }.. Type {.. name: "QtQuick3D.Effects.Blur".. icon: "images/effect16.png".... Hints {.. visibleInNavigator: true.. canBeDroppedInNavigator: true.. canBeDroppedInFormEditor: false.. canBeDroppedInView3D: false.. }.... ItemLibraryEntry {.. name: "Blur".. category: "Qt Quick 3D Effects".. libraryIcon: "images/eff

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\images\effect.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):411
                                                                                                                                                                                                    Entropy (8bit):7.361274443968583
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:6v/70RyjxPLMMSrUr74R/OZC4bnknpEmvKg:ajxgTnOR4nJvKg
                                                                                                                                                                                                    MD5:7FBA4D41DCD6617804794CAF8F48B5B1
                                                                                                                                                                                                    SHA1:F55A6B261DC9221BFDF775425CF961DCFD96A8E4
                                                                                                                                                                                                    SHA-256:740F9DD817E0C14999B016FECE76C99DF4B28065ACB78CE819552BC6EC576773
                                                                                                                                                                                                    SHA-512:73A04A768411A6B9DB3AB94C2EF24DF94EED05D7AC34D185F7F485B7E8767EB8D375E5C90E0CB21D2F1EDB8867CBD865BAA2AB29F79D5D4F15C704BE3AEC841F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR..............w=....bIDATH...+.Q.....jJl|......L.......)....B.n.=......,..vR.R..,D.n...;.;oF).S..{>...{.}i...&@U...`...Z.#".Y........@s.o.^r.*.F...X...O..7..r.u.9.J.vE..?!'."U-g.+.."..&..|E..K..V../..j.p...e...Z..n...}..".....r......a.G...D.&.U.%.j....'..v...i.r..HE.+z....{Hp....@d......v.M......QN...l...5=....a{N.*0.Bv.....G...W...H...o..bx...M.6Y.....W...X.R2./.9....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\images\effect16.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 16 x 16, 8-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):321
                                                                                                                                                                                                    Entropy (8bit):6.017807623875118
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:6v/lhPfIoPrPTkZQXqgobf8CO5PHtJbDmLDiPl7yAfjaVxrkS9t0JNSRjp:6v/7njPTkoqLORfo+PNkfPt0JNE
                                                                                                                                                                                                    MD5:BF3DCE26D01E552B5E1F76807D88A653
                                                                                                                                                                                                    SHA1:8CD7B8DCAAE9D7C54B2032E33E389EDB91EA2652
                                                                                                                                                                                                    SHA-256:B33107A111E79A9F74993D8BD843EF3F55C132BDBB4038053D4321EA995E8DB1
                                                                                                                                                                                                    SHA-512:1250A201A46E61EC41C647B29E44AAAC7A53DF22F4F88ED766A703CB9F8487DE8C21AE2A25783AAC0F113850A02E82B9DF6A3A643A1977AFFBE1F17C260C08D5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR.............(-.S...rPLTE...................................................................................................................@....%tRNS.........!*-\j.........................J....YIDAT....G..0...5.{....q..E.\rf........?2/.Sr.'dL6!z.c......v.,I..a..9..n........d.?<0.....^.v{$....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\images\effect@2x.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):714
                                                                                                                                                                                                    Entropy (8bit):7.611357968879619
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:6v/7wrjuzsKMkVTE+H5Ou+8SDmMbCaJlqznFZIoVV7I3A6nCErZTGop7F0Nw9NdR:Wzsxk1JO192+kzDVVV7MfnjGl69Nn
                                                                                                                                                                                                    MD5:00AB7A733A18F58D1044A316BA4C6BBF
                                                                                                                                                                                                    SHA1:6921D9B6F27678994D7411E22DC1A145CEC65ECA
                                                                                                                                                                                                    SHA-256:7C48754241A74A3AE698FD219293ADC84FC7EB5EFE8F81B218D776D4342BB26D
                                                                                                                                                                                                    SHA-512:0AA176C36753ED6BDE240A53CFD97FDC8CF87BA9E4D9B21C72EB0E3A3CF7F8A7956687C77AB6FB49AEB1DE2DEE209EF8679B0D4D509351B2E04A89FBC0E1CB5A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...0...0.....W.......IDATh..M.NQ....;......"...|..4.B..66J6R..(J.. ...)%.X.QBY."...b.Bg.....{.}..f1.y.9....=.y/.......2S:..i5......z....`....3.T...Vu..5..`k...R..-.=`.....Zv..P..'.x...v..&@K%...>.t...;.. ....<...?.b.+......H.4p..~.-.J.y..v[<...s._.x*..xR..4.4.n".z.....(..f6...|.....7df...u>...H..r%"~.8...m.......t.8..~....7Y.K...`...x..p...D....Y...."..E..-.dO.c..S..;........d}Q...R?)%...sB..l.3&.~..lK\....)..-r..]...;z.x.0.R.S..z.... 3....J-...T..I..w.#.S..lVA.UI3S5.j@...m.+......;...f.r....6Z. ...'.9."..x.Izef.).u......x......'%....f.3/....qba{...3ytj.W..u...} .#|....m.ctb |..w...~l.7.o...`.$..W....at..hf..l..-..[....Cpg.,...khhhhh...~............IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\source\effect_template.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1673
                                                                                                                                                                                                    Entropy (8bit):4.792243274345849
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9lz3US+:M2aay6E+iCshvSdGvVny9lzkD
                                                                                                                                                                                                    MD5:CF14B03F7F42A2E102089EA52BA6335F
                                                                                                                                                                                                    SHA1:7EC315112F7D7875C1DAB92BEDBCC8A8C5F53D39
                                                                                                                                                                                                    SHA-256:DDA37F8FC8319D5D0A6994A343C755A957B43E50B2D7CDE5F40EB49A5798A97D
                                                                                                                                                                                                    SHA-512:4BCBD5C303BEE13E9A202C26126C3DA88E3122B20B166B60B1EB6FF59A0CF1A451172FDA2CFFAC8CAE36F5084F88C35D9935F1215BBB58E1B5F5381A02DB61D1
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\maps\brushnoise.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):61885
                                                                                                                                                                                                    Entropy (8bit):7.983175872515517
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:hovsWhU2CV6bBiGQlCaPDkBbkbw7oiCV2yRhJwbe:hovxUib+4abkybw1sRDue
                                                                                                                                                                                                    MD5:D177390FA903DF824572D81272BEDC5F
                                                                                                                                                                                                    SHA1:A9A6E727BDC5F2DA71F5AE1E4FB2FB0F3567869E
                                                                                                                                                                                                    SHA-256:FD1EF60A194D77CD8E3D32171BE2A4682D9232206008BB6B78B09763A0309E5B
                                                                                                                                                                                                    SHA-512:84401EDC45174475C15051A7715EC8B892FD37582379756AF468B67AAB8DDAEB944D149EBFED77662D4332812F303F2E048E2F44B833C9802E5845EFF2E463D0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR.............\r.f....bKGD..............pHYs.................tIME.....'1A..... .IDATx..Ko$Y.&....h...t'.dDFD>.....]=5..4#h$@. @.....rvB..^i-h7.J..N.$h.~VwUgVWvUfFddF..$..t...x.Z.s.{.......p8.N..]...|.....w..!..@. ...0.O..>..Y..5Z.Y..Q......c.D@8...#........>........D..c....2...{.O.#>c.e..K.\..K.........).....5..(r.;..-.....[...X...u......{...wF....|C..(...[.|...q..8..S.zK.s%.....0...}..@8...>c..T..]..X../......9W.3....C...C.d.zF.7..K.dO|.~.....j}...H......_.Tk.~...r...|i..[.....?P.sJ.U...o.1.h......s..k.<.{1....N....<.=...{..{....n....G.....U.!....A........x..s.yxS.%.w...........J..}..{..V.qF/.B.+.<.#..)...{..G...B....ic...3q.R.|XEP.....?t..|E._X./O..@..kU........WB.\......]W=....@.XE....@pm./.r.C.....Z4m.c.-.........@.......X...;..VV..SR.RfRw.X...<.%.Z..5P.w.......%..Bk*q......a........?%.?....H...k..j.........../../........~.,...^..,Z.g............}%.._.8..9...6.I:..@.%).....N....K.9....X.!.../..P.......,..*.hj..Y.o...P..@..O.L.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\maps\white.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):155
                                                                                                                                                                                                    Entropy (8bit):4.472613674909626
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:yionv//thPlt/ttLwt042/uDlhlpPo7PWYM4yX/1111111111111111111111110:6v/lhPb/6TPQ7PWYMRSXFljp
                                                                                                                                                                                                    MD5:D158C7B9897B4ED4D6A5401A1C9199B8
                                                                                                                                                                                                    SHA1:C312B25D1AB1714729A7EEB35FEEA0D159DE3E8F
                                                                                                                                                                                                    SHA-256:D10A5214E4D4F6EC4DC6ED09ECC7F79FB346F281F8D6BB223B71FB7780571F6C
                                                                                                                                                                                                    SHA-512:64FF74173DDD27CA2D98175ADA78B89B99766A3785BBBE8F61375D573804FC280DD2157565326FDBD1CB82F435C2B5E2AFCABB8F82E6FF9B80D6DAB86FFB10C3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...@...@.....%......pHYs................MIDATh...A..... ...3..7h@'...................................................r..}^.c.....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\plugins.qmltypes

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):740
                                                                                                                                                                                                    Entropy (8bit):4.865312897162837
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:I8VFJtx+L7Ix9+hULe/AW/GmZsG65x+FKCbkXOvNMcZE/3eNJWjt1e:I8VF9M7InuULe//Gkx6EbkXOvKcZkq6S
                                                                                                                                                                                                    MD5:58886DD6CB1625A0A213A10268465969
                                                                                                                                                                                                    SHA1:21AB5932BD94F915A73BD46861F824935CB59954
                                                                                                                                                                                                    SHA-256:0B27D20B42476C48AAA2E285EF1050E52D3CA462EE9C698A29D6FE5CF14C9C6C
                                                                                                                                                                                                    SHA-512:88E1E8C6930E149502D8BD86C7337673DB539CC210357235A1379FD046782280489C9EA6415931E6A99E090D63FA7837FC0DAE51A8AE7C1850A57BE427A2929D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:import QtQuick.tooling 1.2....// This file describes the plugin-supplied types contained in the library...// It is used for QML tooling purposes only...//..// This file was auto-generated by:..// 'qmlplugindump -nonrelocatable QtQuick3D.Effects 1.15'....Module {.. dependencies: [.. "QtQuick 2.15",.. "QtQuick.Window 2.1",.. "QtQuick3D 1.15",.. "QtQuick3D.Materials 1.15".. ].. Component {.. name: "QQuick3DEffect".. defaultProperty: "data".. prototype: "QQuick3DObject".. exports: ["QtQuick3D.Effects/Effect 1.15"].. exportMetaObjectRevisions: [0].. Property { name: "passes"; type: "QQuick3DShaderUtilsRenderPass"; isList: true; isReadonly: true }.. }..}..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\qmldir

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):873
                                                                                                                                                                                                    Entropy (8bit):4.994552163067894
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:7Q7dEuLKqqASADBYG/MOUQ/MOuG2AQ2Q5GFQ+M3GzyfGV2kFsAP:76LBz9V/uQ/92AQ27FQl2GOhP
                                                                                                                                                                                                    MD5:C37716D7BF5BFBCC325FE049260BF76F
                                                                                                                                                                                                    SHA1:FD2C88CAC9FDCDABA21BC8B7FA7F42DA801455E1
                                                                                                                                                                                                    SHA-256:41066C0AD97EC920AE8473389BF64818F09409804B8FDFD20CB446FD3E7455EB
                                                                                                                                                                                                    SHA-512:F5DBF83EAEDCE8A3BB29AC38D5F64A93FE863DF66F605ECE095BC731A014542B9A11525AC0E277EC5DFF66D179736DC47A43F86CF3DD2A5D92672504139F59A6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:module QtQuick3D.Effects..plugin qtquick3deffectplugin..classname QtQuick3DEffectPlugin..AdditiveColorGradient 1.0 AdditiveColorGradient.qml..Blur 1.0 Blur.qml..BrushStrokes 1.0 BrushStrokes.qml..ChromaticAberration 1.0 ChromaticAberration.qml..ColorMaster 1.0 ColorMaster.qml..DepthOfFieldHQBlur 1.0 DepthOfFieldHQBlur.qml..Desaturate 1.0 Desaturate.qml..DistortionRipple 1.0 DistortionRipple.qml..DistortionSphere 1.0 DistortionSphere.qml..DistortionSpiral 1.0 DistortionSpiral.qml..EdgeDetect 1.0 EdgeDetect.qml..Emboss 1.0 Emboss.qml..Flip 1.0 Flip.qml..Fxaa 1.0 Fxaa.qml..GaussianBlur 1.0 GaussianBlur.qml..HDRBloomTonemap 1.0 HDRBloomTonemap.qml..MotionBlur 1.0 MotionBlur.qml..Scatter 1.0 Scatter.qml..SCurveTonemap 1.0 SCurveTonemap.qml..TiltShift 1.0 TiltShift.qml..Vignette 1.0 Vignette.qml..designersupported..depends QtQuick3D 1.15..depends QtQuick.Window 2.1..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Effects\qtquick3deffectplugin.dll

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):113136
                                                                                                                                                                                                    Entropy (8bit):7.441224738227249
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3072:l/BDrvjbVlju5r3qzb+ovxUib+4abkybw1sRDu1Yx5sW+:xBDrvPVlju5r3qzb+ovpbTakUw1sRDuP
                                                                                                                                                                                                    MD5:2DE9BF63EA00CFA6CA5A59B14320F616
                                                                                                                                                                                                    SHA1:0A60858C6C056EBE2B0E8076F461680EBE86D3E2
                                                                                                                                                                                                    SHA-256:3F0501377423938D24CA321CC39149B3FD858FD050D07649D73E501F9D6E5E32
                                                                                                                                                                                                    SHA-512:C03509C31308FD2C81EB126671D0773AAFDF6B54163C287EBC19095215348A2C8983ADED64EF5485CA11C576B2839D6F31BBA379DC68529D633F48472D057F10
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......[.....@...@...@......@...A...@...A...@...E...@...D...@...C...@...A...@...A.C.@...E...@...@...@.......@...B...@.Rich..@.................PE..d...1.._.........." .........~.......!....................................................`................................................T...........`............................|..T....................~..(...P}..0............0...............................text............................... ..`.rdata..xl...0...n... ..............@..@.data...............................@....pdata..............................@..@.qtmetado...........................@..P.rsrc...`...........................@..@.reloc..............................@..B................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Helpers\AxisHelper.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3597
                                                                                                                                                                                                    Entropy (8bit):4.766731003512274
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:naa8qdOnLBb2xtm0+zE0ZZ6W0R5u240a40IM40Iu:na7qI92xtm0+zE0P6W0R5u240a40IM42
                                                                                                                                                                                                    MD5:EEF60FF946F1748F1F6320D5AB21FE25
                                                                                                                                                                                                    SHA1:631EF9C246B42B300724F35260035337C5B15B71
                                                                                                                                                                                                    SHA-256:8CEE5F308F65017ED8CEFDFAE07C57AC880D727813D94F6FB0A8C52A160ABF3E
                                                                                                                                                                                                    SHA-512:218AA2BC3618B78416E82F03B21C9FAE9DD22FAA72DBBCA1380264E5F714F703D0A53BD51BD4952E22565225B12C60B8B79B47DAA8527818DEB6687E3DEDA36B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Helpers\DebugView.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2313
                                                                                                                                                                                                    Entropy (8bit):4.778127010208359
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MGaay6E+iCshvSdGvVny9l3HswnGKvPHl4PTP5:naa8qdOnuHj1/irh
                                                                                                                                                                                                    MD5:10E0A192DAE18CDF644C48C4F7C5FA05
                                                                                                                                                                                                    SHA1:C3ABA50C2086984BB757280091C839366EF56DBD
                                                                                                                                                                                                    SHA-256:AB0653E06CE98D11653F25286ED2F5BA5653AFCE49FFC368B156F1FC5F723A7A
                                                                                                                                                                                                    SHA-512:EABDF37A96C79DEBA32BB867F901B62B88E78BB455358EF06B4D334F806A4933FC8DC6889A513C76B2A2B7323AB426E425A7CC8EFA464C4090DD64B40A800B05
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Helpers\WasdController.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9374
                                                                                                                                                                                                    Entropy (8bit):4.429284472555955
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:ea7qqYB9L/mzEtGww4NwwKO1wZuywjdKwfitwvfyTxyXWS0lbVpyV0Ay+WZ00bE0:Avl0yXWS0lbVpyV0Ay+WZ00bEp5VLoTP
                                                                                                                                                                                                    MD5:FB763196737A807F4E9F6C7A169980E9
                                                                                                                                                                                                    SHA1:148616887E37ACD7A83C32DDB7DD9CD3F47C44D9
                                                                                                                                                                                                    SHA-256:17AA89F6D27B9B15FCF4ACB791C3E21CA3CDB2DB1EA2788C47BBAEB89E5C37F8
                                                                                                                                                                                                    SHA-512:F76EC136D60803552A9693BB469F33E2F3F40354EC721B29951F15B1C8A2BC7BE6F46EF9FD078A5C69B36A72F8D2E2DA19B7C3C6AE69906EEB92FB86E05F5EF3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:./****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Helpers\meshes\axisGrid.mesh

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):128684
                                                                                                                                                                                                    Entropy (8bit):4.134580870152193
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:MQQZ0kwd8tGKvQgscg8+eFxUXY0FPTTV+6V:MQQZ0/uQgdiTTVb
                                                                                                                                                                                                    MD5:A33615DE0947E838DFEC2D94FDF549FB
                                                                                                                                                                                                    SHA1:1677C67C73D0FCA758B28118B41ACBCE1EDCB3BA
                                                                                                                                                                                                    SHA-256:B5A6BB5880C2863A7F28890EFCBA82D4B0606409AB68C44631B2212E98989A31
                                                                                                                                                                                                    SHA-512:547E16E94E71C5FCA68F73DB0BEDEC9B7F04023AC9316FD7F8D1176B6B79E56B8F7E2A3396469EB2F7CFF5BD18E8D8A4DBE9D005F44ABFD516E3961A76A5E7B9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:M.......................8...............@8..@.......x.....................................................attr_pos........attr_norm.....HB..;......?..........HB.....;...?..........HB.........?..........HB..;..;...........?..H......;...........?..HB.....;...........?..H...;..;..............H.....................H......;..............H...;.................HB....................H.....................H......;..............HB....................HB.....;..............HB..;..;.......?......H...;..........?......H...;..;.......?......HB..;R.~?...?..........HB.....?...?..........HB...R.~?...?..........HB..;..?...........?..H......?...........?..HB.....?...........?..H...;..?..............H....R.~?..............H......?..............H...;R.~?..............HB...R.~?..............H....R.~?..............H......?..............HB...R.~?..............HB.....?..............HB..;..?.......?......H...;R.~?.......?......H...;..?.......?....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Helpers\plugins.qmltypes

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2448
                                                                                                                                                                                                    Entropy (8bit):4.420886564469418
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:I8VF9M7Inke//Gkx6sUAOkXl0k/BjBRRHMnHKnpkX7RJpkoC7GC7fJAvUe/:I8VFmGkWGCTBjBRRHSHEMl6G6fJ2U+
                                                                                                                                                                                                    MD5:52F354C6E857282CCC26296FE6D9FBA0
                                                                                                                                                                                                    SHA1:87F687AF6F9B424148DA2302F277941AC9CC7EE5
                                                                                                                                                                                                    SHA-256:48A5087CC086377520A5E74A5444AC938F4ADDCED55A2C6582242FC83C2B9A86
                                                                                                                                                                                                    SHA-512:6E0C24317C40E18194687110D5B6FB446AE7C59154E1FD8E22F777E4467C435B278B9369C15A23455B0DDF5F6ED2E86FEE69011E2D5A495271808FF86F7A4878
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:import QtQuick.tooling 1.2....// This file describes the plugin-supplied types contained in the library...// It is used for QML tooling purposes only...//..// This file was auto-generated by:..// 'qmlplugindump -nonrelocatable QtQuick3D.Helpers 1.15'....Module {.. dependencies: [.. "QtQuick 2.15",.. "QtQuick.Window 2.1",.. "QtQuick3D 1.15",.. "QtQuick3D.Effects 1.15",.. "QtQuick3D.Materials 1.15".. ].. Component {.. name: "GridGeometry".. defaultProperty: "data".. prototype: "QQuick3DGeometry".. exports: ["QtQuick3D.Helpers/GridGeometry 1.14"].. exportMetaObjectRevisions: [0].. Property { name: "horizontalLines"; type: "int" }.. Property { name: "verticalLines"; type: "int" }.. Property { name: "horizontalStep"; type: "float" }.. Property { name: "verticalStep"; type: "float" }.. Method {.. name: "setHorizontalLines".. Parameter { name: "count"; type:

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Helpers\qmldir

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):232
                                                                                                                                                                                                    Entropy (8bit):4.833981904451233
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:xOv7eU+ea8o1GUijvVWtsA3zBSEV/eSXYlAhowy:xMeNh1IjNWtsA3zBnUZA7y
                                                                                                                                                                                                    MD5:85643A878A58B485193416C55B459A42
                                                                                                                                                                                                    SHA1:8EC0A784826170D3BC60EF775E7B1891921E0435
                                                                                                                                                                                                    SHA-256:E9BD514F51BF172143A8191C6FE84B5D62A341EAB604EEE9B3BCF77E1A56C95C
                                                                                                                                                                                                    SHA-512:09EC60E84FD0BC6CCBCB5457AC4A123FD52D87C4C644662F9EC696B7EA5DF01B316B861DB6BA07E847C830B2ECC31730381196D71C023C94E9B30F5E78376142
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:module QtQuick3D.Helpers..plugin qtquick3dhelpersplugin..classname QtQuick3DHelpersPlugin..AxisHelper 1.0 AxisHelper.qml..DebugView 1.0 DebugView.qml..WasdController 1.0 WasdController.qml..designersupported..depends QtQuick3D 1.0..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Helpers\qtquick3dhelpersplugin.dll

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):39920
                                                                                                                                                                                                    Entropy (8bit):5.864942725482162
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:3JTE9CKowg01TKCcxyF5hrpLRddDGcUeUf2hGh:NEHowgaTNhrpLRd3Uf3h
                                                                                                                                                                                                    MD5:0A5676FA84E7812A5E2D995E8FF9E03B
                                                                                                                                                                                                    SHA1:9F76C530AFF3358C9AFD9405DE554B1658BDCA11
                                                                                                                                                                                                    SHA-256:ED224DB3355FDC8FC293342A22A6AAE96A71D41B4ADB13663C41506BC515BDCE
                                                                                                                                                                                                    SHA-512:F20FD17878351AE6150BCE038DC6CC9D6DA444D5B5E7AC447DE779C2495BC081748ED3F657666FAE3E2CAF5395A3CA52CE8B37BED48C53104A93488E933117C4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........H.nG).=G).=G).=NQ!=C).=.F.<E).=SB.<E).=.F.<T).=.F.<O).=.F.<D).=.Y.<N).=G).=3).=.Y.<C).=.Y.<F).=.YM=F).=.Y.<F).=RichG).=................PE..d...).._.........." .....0...T......T6....................................................`......................................... c.......c..........`.......................H....P..T....................Q..(...`P..0............@...............................text..../.......0.................. ..`.rdata..F9...@...:...4..............@..@.data...H............n..............@....pdata...............r..............@..@.qtmetadp............x..............@..P.rsrc...`............z..............@..@.reloc..H............~..............@..B................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\AluminumAnodizedEmissiveMaterial.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3608
                                                                                                                                                                                                    Entropy (8bit):4.674963464484424
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MGaay6E+iCshvSdGvVny9lzptwmnw0XZNwRnndBNEmVVRarQnZEmVVNaWMEHD7at:naa8qdOnCtwmnwckRdBCm6m3HcxADQ
                                                                                                                                                                                                    MD5:E7CE67AE37EEA8CB09318CE51DA99248
                                                                                                                                                                                                    SHA1:BEAC6669359861BA5711D37CA35F72643E4F81E2
                                                                                                                                                                                                    SHA-256:C71C9B34B45603C69C06C0D43F14230C900EDF13C99EC820BE70D9A564F5DF2D
                                                                                                                                                                                                    SHA-512:E8ECF38152041BDC3838B679856C6C5CCF37B074137894BCDDFBFA0EA6E77A2D95F6984E25A1FC01F7B791970B435F9469A3FC7C73B7C96DB23C94D428C578A3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\AluminumAnodizedMaterial.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2742
                                                                                                                                                                                                    Entropy (8bit):4.770150522174078
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MGaay6E+iCshvSdGvVny9lzpswmnw0XGRRMEHD7axH4oADPEaJve:naa8qdOnCswmnwcGRZHcxADK
                                                                                                                                                                                                    MD5:0A00F1DA2217BFE37B2DDC9F8953D4D9
                                                                                                                                                                                                    SHA1:6BBDC054885A0FCC230EFD22CBBE50E1E7FC0DCB
                                                                                                                                                                                                    SHA-256:A3D3223A6BCE38C8DD0A143F893FB8D0634BF899ABE7E7984E1263FE39964269
                                                                                                                                                                                                    SHA-512:5F4CD9A156810C89068AA2BE016A89F9B3CD40F7734850097B8F6EC31F67CB35090DB687CF042F4A77915934B175EDD664C54AF26FE97D4D1687054A7CF9FA10
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\AluminumBrushedMaterial.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with very long lines (321), with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4902
                                                                                                                                                                                                    Entropy (8bit):4.66159962187494
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:naa8qdOnCswmnwi9UU7CRmHcxADUmY1mqmr2QmWR:na7qMb9v6wj9NSWR
                                                                                                                                                                                                    MD5:AD46673B9F2204EF497CD9226370C36B
                                                                                                                                                                                                    SHA1:20470EE00FFE342C12B77D34F7D74FB08D6FCC3D
                                                                                                                                                                                                    SHA-256:DA3B91E11F599C1F781551A9D66B0FF3F2BD3B8CB23DFD946AF8E97C96F2D316
                                                                                                                                                                                                    SHA-512:81C6A21B1B1AC457C0353EF62A372B31350F5ED80C49925DF50C514A25D680526244F5841C6425D59CC78C8D4341B4B47084BE1AA8E2B02B506F44CA254A112F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\AluminumEmissiveMaterial.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4874
                                                                                                                                                                                                    Entropy (8bit):4.588407370044763
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:naa8qdOnCswmnwxRZHcxADJm2mPBCm6mB2QmG:na7qMlwsxJVdEG
                                                                                                                                                                                                    MD5:B248246A2B57231B0F367E21C77A193C
                                                                                                                                                                                                    SHA1:EB83E94D1E7712D22A255ECCA82AABF98AB6DFA8
                                                                                                                                                                                                    SHA-256:82717C37BAB191ED910765D7D1C186E71B1157F37C375D726F65999C557A7644
                                                                                                                                                                                                    SHA-512:55C96E330B5438ED639FBA5F1728BC275AC3EEAFCBF7E34329ED45686D670EF6FFF7CE1F061CF8F6E0C45E63EFD6042BA37C6619C005C057BCE907E735791416
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\AluminumMaterial.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3950
                                                                                                                                                                                                    Entropy (8bit):4.642557343523896
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:naa8qdOnCTwmnwzzRZHcxADGmXm82Qmxh:na7qtUwwBW5X
                                                                                                                                                                                                    MD5:CC7CF7EE1F0AECFB199CFECDDDE0EFB3
                                                                                                                                                                                                    SHA1:6FEEAE1950C88E9680D11AFB736547C379ADBE24
                                                                                                                                                                                                    SHA-256:E749032C10089A9026948EB47CEE6BB5F8ACA5903BCCDCF32607D87B2A26E166
                                                                                                                                                                                                    SHA-512:6CA5D5F226627C46132AF43BD2EDBAA7DDBEFB31551166B4A4B154C155677BC0B5946BE1941BF5266B9C8F896F99BF91FC91067699E80884F579B6519B0F6167
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\CopperMaterial.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2544
                                                                                                                                                                                                    Entropy (8bit):4.792376699071377
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MGaay6E+iCshvSdGvVny9lzpDKlwXw0XskivzRRoHDGH4oADPf6iKLj:naa8qdOnCD4wXwcAzRKHyxADyi4j
                                                                                                                                                                                                    MD5:E679A897D277A8A813B4F7F9F99BAD2F
                                                                                                                                                                                                    SHA1:67C2B98FB3443C14D9EDC22F5B3DDE32FC7FDE4B
                                                                                                                                                                                                    SHA-256:B44DC4CB404A50B70D3F5344EAF4CF8B8608304465FDB07E11B4077663F7D6D2
                                                                                                                                                                                                    SHA-512:3F3A4F3302AEEBF91B6AB3AD3B8A5637D011B0C36901FF96CD49891E7FDC564201EC59CADB7F3FED1BAFE5551D04358F8F14B1C59915F0EFA80CA7DF9EE083AE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\FrostedGlassMaterial.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7751
                                                                                                                                                                                                    Entropy (8bit):4.555720598240865
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:na7qU4dtJHdFZ+jwF0JUq1ZUq1V4sq1x4sq1p4sq4d:pNtJ9BF02q1Gq1xq1dq1Fq4d
                                                                                                                                                                                                    MD5:68A81DBC8F38E5106CDD766CF223B15B
                                                                                                                                                                                                    SHA1:51F684E7623004E4CB0E8AB439EC3E3457EF3A5F
                                                                                                                                                                                                    SHA-256:642C88CC6AD13FE92F108606D4C520293C5F316A22D33BAD517B08D363AF31E8
                                                                                                                                                                                                    SHA-512:46E206EA7AF2BC6DE6D505562EAEAC93BBDC527033B9D8F0FD494BAD4DD5DF83F5ED30079697C0734A0BC814D67363ACBA1A3AE118D96D8FDEA0EBEF15079103
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\FrostedGlassSinglePassMaterial.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4634
                                                                                                                                                                                                    Entropy (8bit):4.686040165928471
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MGaay6E+iCshvSdGvVny9lzpKXsWcwmnwjNRNn5uy0RHoHDGH4oADPsnaYWnad3N:naa8qdOnCi+wmnwp+RIHyxADoMUqqd
                                                                                                                                                                                                    MD5:0223DC6D0C4925A28A09B6F6D5065600
                                                                                                                                                                                                    SHA1:A1668B205FD1DB8DDBE8A32411CB117B37E73A50
                                                                                                                                                                                                    SHA-256:26E91835DAEF4701DFE881218C7003BA790D482CB84E555BD1513E5E417FA1A2
                                                                                                                                                                                                    SHA-512:4B40008C9CEC5663B0A1CC34860344BBE704B4128F2E24B0E3518AAF72078BDA35A1580ECB554A972626A82CFFDD7513D132C8DC529F7F64B9E75F82FEE25BAF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\GlassMaterial.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2906
                                                                                                                                                                                                    Entropy (8bit):4.763466296171963
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MGaay6E+iCshvSdGvVny9lzpDKlwXwjN4URsoHDGH4oADPPyiZXgsiO:naa8qdOnCD4wXwuURNHyxADPyHs3
                                                                                                                                                                                                    MD5:EC4CCB542EDE9971D9049F516489290C
                                                                                                                                                                                                    SHA1:E72A3A021664CA58DA7AA690A2497157635C2E68
                                                                                                                                                                                                    SHA-256:0D020EAF4AACB630098FA1B128720E115E5CE16B630198DEB3A9A9B182CC22D0
                                                                                                                                                                                                    SHA-512:0D4D96946062278914D56DD6C0E8623498894FBDB0EFE65A66F8BAF1EA2D000DFDEFAAB1C54EF6C0A187C74D0B0A76E03EC02BB7DF300FD5BB63E0D7B27ADE8A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\GlassRefractiveMaterial.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3414
                                                                                                                                                                                                    Entropy (8bit):4.715684291245738
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:naa8qdOnCD4wmnwFhRIHyxADPyIMUqn7d:na7qYyRwPyIMUqn7d
                                                                                                                                                                                                    MD5:5182D5402E8C2E44932D944C8B039B8B
                                                                                                                                                                                                    SHA1:86D2E9D85E2937186E8F70940A277B3625C08EF7
                                                                                                                                                                                                    SHA-256:BDFE7AA4C48A338C90FFDC20B9C09E278F1EE9BF72A242CA68202C33C72FA3BE
                                                                                                                                                                                                    SHA-512:B630174C9CD4F9F717EEC6AC646F0BB66BCC372C886797B2D96F05D62D7668AA621491D039651E2ED427637065C6E9E1C1662164ADB8D8026623D954CEA83D52
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\PaperArtisticMaterial.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3616
                                                                                                                                                                                                    Entropy (8bit):4.739770224410175
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:naa8qdOnCD4wXw2nRiHyxADVmz2gmvFS7mvTU/:na7qVwAaNNy
                                                                                                                                                                                                    MD5:E5BB7D3665F78AD028D10429292BDA1D
                                                                                                                                                                                                    SHA1:E306C2AC9A4E6EA71ABBBAF79AB5D7D4CCD0FDE8
                                                                                                                                                                                                    SHA-256:F8B5742B40956C51C38177E8C7FA38391F32A5EE639C5CDAA75BED5C8A18845B
                                                                                                                                                                                                    SHA-512:4B808EBFCFE4DA37B07943BBDFF0729A0C989E76EE7A6E577B541A1EDBED660554992AA16F3D8391915BBA4663DFD9A1900C7728EA2743B954903BCB9B001339
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\PaperOfficeMaterial.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3369
                                                                                                                                                                                                    Entropy (8bit):4.79081691104861
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MGaay6E+iCshvSdGvVny9lzpDK+wRQciretRRER4oADPU4mF36M2P4mF3614mF35:naa8qdOnCDJw28R4ADVmz2gm7m7
                                                                                                                                                                                                    MD5:E2B68B13B530B0152FDA227B216606D4
                                                                                                                                                                                                    SHA1:CDB79BD0155A107889719F50762CD081473EF8E1
                                                                                                                                                                                                    SHA-256:782AECF81C2C419C4837291C3F4F66B7EE8DE2C6FA3DD6D2FE76D51BB74C78EE
                                                                                                                                                                                                    SHA-512:0564D8DD696F8FA50CE7B48D01A77842837DC566E02152462246A29A07E191E9967C68459319F7F47C286BFE95866DF85DC3C1A456DD42DF0C2C44F28E575B0B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\PlasticStructuredRedEmissiveMaterial.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4636
                                                                                                                                                                                                    Entropy (8bit):4.6537211625366535
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:naa8qdOnCD4wmnwcJLgRRHyxADvBCmVmf:na7qYLZxwpVAf
                                                                                                                                                                                                    MD5:8C77CF09C05CD60444909C55EDE47774
                                                                                                                                                                                                    SHA1:FB94FE262BD0CB9DF32808972397883E0CEE7F80
                                                                                                                                                                                                    SHA-256:FDD607E17A445976E8E6180EECFD98E9A00E0A7643F9F8B35939AFAE630D3297
                                                                                                                                                                                                    SHA-512:8ECED304B12FE7E580FCAF181E2CCB14B18ACEE8257F0435616883BF3D86ED06F4FB10EFB84E7B5F7A45AC6FEAEA375A2638FA6C441EEC7F1D9373BCA1A08B01
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\PlasticStructuredRedMaterial.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3808
                                                                                                                                                                                                    Entropy (8bit):4.724648759744231
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MGaay6E+iCshvSdGvVny9lzpDKlwmnw0XwNSLjzRXooHDGH4oADPsnaYWnad336h:naa8qdOnCD4wmnwcJLjzRRHyxADb
                                                                                                                                                                                                    MD5:749FCC8826A1BC72B5468A9C1A523564
                                                                                                                                                                                                    SHA1:4E81C913B66D0EDB9993BC8387AC5DC49D8DAF5C
                                                                                                                                                                                                    SHA-256:09793050E9DA7AA4FB9A9A6A1539AA6C9D6B7C98101BF5CC6CE9D0DA1B2CBBC9
                                                                                                                                                                                                    SHA-512:2C27E65AF3040A6604BCC94865BEA3741C663E24D195B4BCCCF8404971C1820ECE271593BED53F28E2153A5072EDA895A6C329165F03C8A61C47092DBD8265A7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\SteelMilledConcentricMaterial.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3493
                                                                                                                                                                                                    Entropy (8bit):4.656701936861943
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:naa8qdOnCswmnwQ5OjzRZHcxADjmc/wm01RI:na7qMDywwacP0rI
                                                                                                                                                                                                    MD5:C5C2F8F93B51D50AC04D8074F20F05A1
                                                                                                                                                                                                    SHA1:92A9F2726088AAE71F730C612210457EF01D4292
                                                                                                                                                                                                    SHA-256:4E91AAF5D03C295A406F4CE054CF6617F739D9565F0193EA154B23C5B8B7EE12
                                                                                                                                                                                                    SHA-512:D41CE300F341573CE24A7C2B3DF7DEBAB0DD51DD2706DDBFFA262528955A99502EA0E34DD9022B062D2F8B38D0AD4214A2BBD775A37E83C01B3BF30A93A12EE2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\AluminumAnodizedEmissiveMaterialSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6347
                                                                                                                                                                                                    Entropy (8bit):4.258794436496769
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:Laa8qdOnKFLDLYXPj+oQCL6X4jloyvsLEoIOtLknxBzFBhtokz:La7qvQ+o3lojEoVqB5Btz
                                                                                                                                                                                                    MD5:162B915C93253785DACD6950B7440E90
                                                                                                                                                                                                    SHA1:43910428F6412358135511C53123AF7C1D5B4F33
                                                                                                                                                                                                    SHA-256:D3577E73CE583BEDAC8CB8BE0F38F64E7C860D29491D52B2A12984AD02D133A7
                                                                                                                                                                                                    SHA-512:25CE6BCB36717573CC23ED7F5AABD65DEE0B648928D587DBF95694B745701BBC2B472A7F38F6EFAD00D0664C5A8AB6376941B538A0338C82CAE16955B8209096
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\AluminumAnodizedEmissiveMaterialSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1550
                                                                                                                                                                                                    Entropy (8bit):4.813809594254932
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7tWXy:M2aay6E+iCshvSdGvVny9tm05L0i
                                                                                                                                                                                                    MD5:0D9B5F25BA9F52F4684E470432C83538
                                                                                                                                                                                                    SHA1:A2DEEBBCD709FCEB342B1468FFC4AD855B73C42F
                                                                                                                                                                                                    SHA-256:F52EAA44F522BC3F5D38E55F7EE550093EF56C6C01F14A8FBB39D950D0BD3716
                                                                                                                                                                                                    SHA-512:C8A1553A84338B89C908AB595F9956C65394A86A4B7E8AE187342B872FF33BC4A69D8B17D72E047F2A11FEF4FC21D1C9062B310A3FD8E40F79C0D2199A08F8B8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\AluminumAnodizedMaterialSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4471
                                                                                                                                                                                                    Entropy (8bit):4.388399756813341
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:Laa8qdOnKFLDLYXPj+oQCL6X4jloyaFBhtokz:La7qvQ+o3lovBtz
                                                                                                                                                                                                    MD5:58828D52F0618799D1F62C0F7AD3E9BF
                                                                                                                                                                                                    SHA1:39C0DCDCF64397B348D8E32F8FE837ADD305F2E2
                                                                                                                                                                                                    SHA-256:2B45F4B204F58E2012C209D729710A52547A743CA1A99F060DEEF6A166337E7F
                                                                                                                                                                                                    SHA-512:1DF2225B3DC07375C1C5D7114DAECE36A735885432EF36DED1EB45FC868A3461BAE000C4D8BDACC2DABECDEDFFA7DC8E5EB59864F5519003C928585EBA59EDEA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\AluminumAnodizedMaterialSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1542
                                                                                                                                                                                                    Entropy (8bit):4.811022317656783
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7tLXy:M2aay6E+iCshvSdGvVny9tm05LFi
                                                                                                                                                                                                    MD5:7AC182C0A4175E3CA3D65C68911BDCDD
                                                                                                                                                                                                    SHA1:4DD6EE6B1E3C1DC6C90436744E86A7FA4689AE61
                                                                                                                                                                                                    SHA-256:C3B9A0D829E99F5AFF52AE072A7E5D1A0118EC5518BF35B6A09B8F074FDE8991
                                                                                                                                                                                                    SHA-512:305AB25FFD53F7B3FA6510D35429218C994F70C678AB5E707515DB92DCE2F6911F32F1108124AB410EBE4751C73D20DADA13EB35FB2F8DA70B05E247D3408339
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\AluminumBrushedMaterialSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):10710
                                                                                                                                                                                                    Entropy (8bit):3.972858218518859
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:Laa8qdOnKZLdmfLYXPj+oQCL6X4jloy4vBRtoj2ocWLq3VocgLnUenQnle7U83ne:La7qvXmS+o3lotBLoSo2Vo7Q2UWKXhoY
                                                                                                                                                                                                    MD5:38C19B80AEAF4386DDD27BED4551ABF5
                                                                                                                                                                                                    SHA1:D3C9647A9066310F78208DBA4F187C9D1048D25D
                                                                                                                                                                                                    SHA-256:5E4A4DE40AB7FF724A795CE8A7EFE00E304B44912816C075B8418C98092EA8BC
                                                                                                                                                                                                    SHA-512:460B0801323F81740231976B5E197E677F4941192BE6AC846692F450F9D1655F78EC311D63572665611641D4152D35338C73B577E46E33DAFAA4B40BA18D8DFF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\AluminumBrushedMaterialSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1541
                                                                                                                                                                                                    Entropy (8bit):4.808124557098839
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7t8FXy:M2aay6E+iCshvSdGvVny9tm05LuFi
                                                                                                                                                                                                    MD5:9D38D0EBF6E304601FB18C6C9D5C3920
                                                                                                                                                                                                    SHA1:FCD040272062341D990CA88334E6C23BFB9BEA49
                                                                                                                                                                                                    SHA-256:6E774CFEE84FFFE811F78C9059880CFAE6EF5D650DDC7DA4CD64597547DAEAF2
                                                                                                                                                                                                    SHA-512:5AA4027F831A30DEB23C541CAECA49F8189C6F26A3E97545C86751E73729A55850DFCBBC1B75A64701C4ACCAF4D82053037D6875250E152238F7BA0F0F837A7D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\AluminumEmissiveMaterialSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):15432
                                                                                                                                                                                                    Entropy (8bit):3.8833114291153357
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:La7qvXmS+o3lo0EoVxIE1T8BLBaVhoGmkovGEW60hoY:Vue
                                                                                                                                                                                                    MD5:2CBB87E6CC289114479B0C075B0B58C4
                                                                                                                                                                                                    SHA1:8A05EC6C65C496B031673203C29915517912BFC4
                                                                                                                                                                                                    SHA-256:29B7CD81995634456BF3719F848DEFE573B21E4745C174A342DF4A477ED968C9
                                                                                                                                                                                                    SHA-512:90F47FA2676961A56FB082950807DA0446C281E299B35903B3DE6EECEBC8BE21D64EEEEE9C5D80711564A4ED0062344911A3B67FEBCB6E66D1236AAA8E0FC418
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\AluminumEmissiveMaterialSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1542
                                                                                                                                                                                                    Entropy (8bit):4.806250050072142
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7toXy:M2aay6E+iCshvSdGvVny9tm05LSi
                                                                                                                                                                                                    MD5:9F6613D8453163332900C74943064667
                                                                                                                                                                                                    SHA1:EEEFA031722B78E819C0099C9B0AEA92FFDF13F9
                                                                                                                                                                                                    SHA-256:547554F59FAECDC1F8662A2BC12531C05E8C6B37B45DF1E14604D83DE9222139
                                                                                                                                                                                                    SHA-512:B1AF31214D9A49C29DA28BF90CF8C10ADA7260D345B82F54DFCB2BA1D8AC3F9169A594951333C6EE97924B5CDBC0808A8FBDBD162943F8A447BFEF80FB55C549
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\AluminumMaterialSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):10859
                                                                                                                                                                                                    Entropy (8bit):3.982770070222841
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:Laa8qdOnKZLdmfLYXPj+oQCL6X4jloy4vBRUbgQho3WLnaQEVkoO/cV+LE8n3qLG:La7qvXmS+o3lotBaVhoGmkovGEW60hoY
                                                                                                                                                                                                    MD5:ED1019878B08F6EE176647230945A976
                                                                                                                                                                                                    SHA1:D3E17D526B59FA43B936F4F59D0947D3A308C062
                                                                                                                                                                                                    SHA-256:AAE68C32FC05E338722EB38C74286822635969C43010ECE210E9A0B1B8E26664
                                                                                                                                                                                                    SHA-512:6E5EDEA97313BE78B3F600C65D122C6C4CA3057E8C91F2BD1CAD98F37FE2C023C7B00A73F0F226F4CA02C44862D209822942981BFADCEB38014F62BD5E717DD5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\AluminumMaterialSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1534
                                                                                                                                                                                                    Entropy (8bit):4.803417408508112
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7t5Xy:M2aay6E+iCshvSdGvVny9tm05LXi
                                                                                                                                                                                                    MD5:D86A6D2B7F4FDA6BB364DEED5A434053
                                                                                                                                                                                                    SHA1:A92AA8F8F7576917A8EA0A120969469FDA455C2D
                                                                                                                                                                                                    SHA-256:B501AFEDB2B0499C120050E1D8BFC1041DF90CE741A1FBA22D9C40636C43332F
                                                                                                                                                                                                    SHA-512:D52AEFD16D88F1476AE6569EDB9826B0B68708680EA787A8FAD09B382024228781DB5D23D76D532492ECE8A850D5463480E4268D8F240D17676855ADB279148E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\CopperMaterialSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4474
                                                                                                                                                                                                    Entropy (8bit):4.388275349372152
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:Laa8qdOnKFLDLYXPj+oQCL6X4jloy4vBhtokz:La7qvQ+o3lotBtz
                                                                                                                                                                                                    MD5:5AA15292648D6FDEB1258E84BC2963B2
                                                                                                                                                                                                    SHA1:2543E1B44F5B7B02D74938C3F55D8948EF28F638
                                                                                                                                                                                                    SHA-256:16C370D0FBF93D0B9675AAED7B4D36F14BD54353A589CF3C59BE83F625F1F424
                                                                                                                                                                                                    SHA-512:5C36BD93274BCFB05C7FF9FA307E4C47931A6BA5F8083B8B310CD2AB101A5EB4E1136453E22037292826AABA0BC6A772493746546D26AF51B34F651DFC367C14
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\CopperMaterialSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1532
                                                                                                                                                                                                    Entropy (8bit):4.799817192333862
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7mXy:M2aay6E+iCshvSdGvVny9tm05Lmi
                                                                                                                                                                                                    MD5:D0C37E9205648611BCC6AC5059207ACF
                                                                                                                                                                                                    SHA1:E4D08EC8CB61F08BBCB3BEDB6C4FE63D36550E96
                                                                                                                                                                                                    SHA-256:03B0A9D52FCB87F100FBA269796CD25CEFBD01843DD3DAB4CAC517389BF3A1CF
                                                                                                                                                                                                    SHA-512:02427E238C0D0D8ECAA44D66E2056192E55C520B4C3CD967D661B794FC85A852B15ADAEDD843EF496D9E75A9298FFA9184224BC4800406A437D4F9090837BA02
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\CustomMaterialSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6158
                                                                                                                                                                                                    Entropy (8bit):4.321379851435472
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:Laa8qdOnKFLQtLpsPvJMwNfr5B2prtL8cQAqKmjnE0:La7qvHPBMYf9B2pKcXqK0E0
                                                                                                                                                                                                    MD5:41B3341365F9D4ACBD332329DC3F571A
                                                                                                                                                                                                    SHA1:A6D4E1670C86980DF996874EBE4824BCECE38D66
                                                                                                                                                                                                    SHA-256:08E37DF5D0479F3AC4B927600BDA431BBF2E1ABC1B06A07F9A15E39FB4EF9DC2
                                                                                                                                                                                                    SHA-512:F85A8B41E244A6BDB344814B1C7845361E675A5DD4A164FD2A862D92255AC58EA4EC1AAC368DBE1ED686B5B51CEAF11756FDA779DBAF90C5B0EFD61C1FC8AAAA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\CustomMaterialSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1532
                                                                                                                                                                                                    Entropy (8bit):4.800107323368606
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7boXy:M2aay6E+iCshvSdGvVny9tm05Lboi
                                                                                                                                                                                                    MD5:D8147E00462697DDA8A112F7D8811631
                                                                                                                                                                                                    SHA1:266AA70C818DFA496DD5B08ACF5319C68097F018
                                                                                                                                                                                                    SHA-256:358CAE5502C83D9DA35B3E0A0A87C5C2574078B30FB1143B588D2F4169A7E752
                                                                                                                                                                                                    SHA-512:BEB8697DBF8C43B8877C21EE3C187EB6FF35F4C832415AFBA369001EFF7F9DD518BB06A71CE18A71EF26C2EF98842CEE2A38A8E27D9881AE8EF287DBC45DAEA0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\FrostedGlassMaterialSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):18232
                                                                                                                                                                                                    Entropy (8bit):3.8258275913837956
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:La7qvXmS+o3loxBhBFCE6hohEDJ0rZKr87LicBCcJx7WJu6Gz:VuHjl
                                                                                                                                                                                                    MD5:874FC80B0951EB41DB37E5FE95027B31
                                                                                                                                                                                                    SHA1:937BD0584EABBCACB85C5F3CDD98F77FAF621AA7
                                                                                                                                                                                                    SHA-256:25A974F8743AE14E555D3A7D58AF4E09F984D0B086828140291F76974C919C70
                                                                                                                                                                                                    SHA-512:729ED8084A66EA4245477081F48CCFF35F6918AD88EA83B24D44187BA04A81C8039C3A2D30E05AE7666E78126CF98C8650E7D2B2F4C7B2AB9B7F4BA8BF6083E2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\FrostedGlassMaterialSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1538
                                                                                                                                                                                                    Entropy (8bit):4.801330468326808
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7KXy:M2aay6E+iCshvSdGvVny9tm05LKi
                                                                                                                                                                                                    MD5:296799BBCFE3192B2A9C2A8FF02C437A
                                                                                                                                                                                                    SHA1:711615236D72C3AB946DD60CAAA4E1D3A902E5B5
                                                                                                                                                                                                    SHA-256:40430616EB1D458DDF19AFDAFD75E1025D0DDA5A319A4635CC5FBDCC391FFF2B
                                                                                                                                                                                                    SHA-512:3673C34D20D9150F2DFBD87CC245CE7CFB41C4FF707FDB409ADB419F8095BF03CDDBE6F9C5450E9924E352BE93C758F954FC8C5A1725CC1B6C93403FDAECF7CB
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\FrostedGlassSinglePassMaterialSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):15685
                                                                                                                                                                                                    Entropy (8bit):3.8673470410538484
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:La7qvXmS+o3loxBFC3EDJ0rZr87A2EZxtJu6Gz:VuG0
                                                                                                                                                                                                    MD5:D3C7FB1ACDB39543897A9A10FA1F912C
                                                                                                                                                                                                    SHA1:B8C2645DC4037E989700371461EEAFF48CA135DA
                                                                                                                                                                                                    SHA-256:514C4ABE2E2EB4E6F4ECBEF1D5F4FDB96A9C817F4511ED4521C1FFDDD79FA710
                                                                                                                                                                                                    SHA-512:57A902934282E1CE739BF4143676FFB10B60D3705DFECE52149D12E90A9C43DB9A603A08CD077EC50B5101E67F8E6C0D492BAE02935C4BB0B6E17C2130FF9EA5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\FrostedGlassSinglePassMaterialSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1548
                                                                                                                                                                                                    Entropy (8bit):4.80567277101769
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7/FXy:M2aay6E+iCshvSdGvVny9tm05L9i
                                                                                                                                                                                                    MD5:5AFB85F7087AED37C3348968B3284F37
                                                                                                                                                                                                    SHA1:891E0F575AF7504237E7E5D4E94A086D197C7735
                                                                                                                                                                                                    SHA-256:86F655D6BE10C45F83647FE8BE3C2065227568D3EBF2423C20797A109AC84D9A
                                                                                                                                                                                                    SHA-512:0787F231E05A6D974E0FE480FE95043C94912FA33DECB46CB624F84A4FBE8DD43E8F9E58F21BE9D92EA92C62635186243EC26A09AA4B1BA724AF6491BAB3A3CC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\GlassMaterialSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6116
                                                                                                                                                                                                    Entropy (8bit):4.246051490261466
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:Laa8qdOnKkLdmfLYXPj+oQCL6X4jloyCFBhtGoAIY52Iz:La7qvemS+o3loxB5p87z
                                                                                                                                                                                                    MD5:45377D7D623AA68D672D16D7FFDA4723
                                                                                                                                                                                                    SHA1:E59DA9462CA7E7D86089814F534A667918B395D3
                                                                                                                                                                                                    SHA-256:ED6E4E27192E1509C0694763AD7C618FDF18F8E60B11111DD19ADEBCCE2B6782
                                                                                                                                                                                                    SHA-512:B490BE862961BFC144EC1CCB8CCA634782645E0851E76604BEAD460231DEB9458BB3AB3279CBBF714EB43067E5DE47B227232368457B0674D8BD98798CD0F975
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\GlassMaterialSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1531
                                                                                                                                                                                                    Entropy (8bit):4.799655616369686
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X73Xy:M2aay6E+iCshvSdGvVny9tm05L3i
                                                                                                                                                                                                    MD5:E5D7CDE7B022B60C2099CC2146AE9840
                                                                                                                                                                                                    SHA1:3B052C0810A93B2BB1DCD2C9E63E0630FCF1DAED
                                                                                                                                                                                                    SHA-256:77BD3BCCD5779E96AABB4DA1CA09767B03784C5AC017901E3B01A1ED581EE519
                                                                                                                                                                                                    SHA-512:876EA22890A476820105D0CCE105B698C970F368A3125E514D4BEED3C60629358F13AE119F9E83E7582D865F8904E3F78D8F47B8153D0C1E9261AF5FD8BE7FDE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\GlassRefractiveMaterialSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6102
                                                                                                                                                                                                    Entropy (8bit):4.242206044252857
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:Laa8qdOnKkLdmfLYXPj+oQCL6X4jloyCFBhtGoYkY52Iz:La7qvemS+o3loxB5N87z
                                                                                                                                                                                                    MD5:C38F15B096000699C9DC5DDEE1327296
                                                                                                                                                                                                    SHA1:E90C759EC4CC28EFA770302A8830B1807073733C
                                                                                                                                                                                                    SHA-256:AC1E27EED215EA1CB72558B123DADDF3C53FFD68EDE670792B1BD396B77D5E96
                                                                                                                                                                                                    SHA-512:B25D635947EFF1227134F77CFD75573AED9585E4C34430B59EA3757FE9856096E4C7B8D07DA1424F766818657853A680DB8EA90FEAF83D4F6B6E456D04851895
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\GlassRefractiveMaterialSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1541
                                                                                                                                                                                                    Entropy (8bit):4.805414547233772
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7GXy:M2aay6E+iCshvSdGvVny9tm05LGi
                                                                                                                                                                                                    MD5:DD1BBEBCF29164ABE35DAF91734B17CC
                                                                                                                                                                                                    SHA1:C70134EBBD679BA2D34E6CF89BFE93A0A6C08573
                                                                                                                                                                                                    SHA-256:D270125AFC439341DB83755477D5E80B37630C06994A2030E82CF170C06832AD
                                                                                                                                                                                                    SHA-512:53DC875E8D88AA59A5D98F3E1426DDEBA0819243047600B49C928EF0426A8576078F7EA7AA5E46DD330853F098F49C0EA4F853D2075CF43AC4C5DB7D6B66E840
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\IdComboBox.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4199
                                                                                                                                                                                                    Entropy (8bit):4.852032840427181
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:Laa8qdOnqeEHUudpvCGFX31wdTyV5aCKy:La7q3eEHBdpKGFX31wdGV5aC3
                                                                                                                                                                                                    MD5:A75D8AEC7049D08E9CF5CEC2B914B3AA
                                                                                                                                                                                                    SHA1:E619CCB766E6E8C69AE8B3D034B94BC5AA08A994
                                                                                                                                                                                                    SHA-256:1BCC0CDE97EDFC72B8B70666A7A9D73FDFE071DBCC35DCD5C717C047CB08CDD8
                                                                                                                                                                                                    SHA-512:C74E7FBF65D011C6887B1F0324EBFA8FDD63A7F5F15C45F4B86EA18A032C244896E16135A9273D818A71D6DA4EA889A5CE1CF044E33AB2D37616928F01EF412F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Dialog.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4358
                                                                                                                                                                                                    Entropy (8bit):4.812079921863784
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFGLDLpZ3vn3L/p1jYnppjEnF5FyBP1:nd0BhpAvfbR1apxSFOP1
                                                                                                                                                                                                    MD5:2548CFF063C7BE6F57B8D4F81BA33A06
                                                                                                                                                                                                    SHA1:C314CA356D2BC6E985BADD8E75F96A7B9A5C0C6D
                                                                                                                                                                                                    SHA-256:0363B31324C9EF26FA2BB540334774DA0A6545951DD06A149E6B832A6BF6C7EC
                                                                                                                                                                                                    SHA-512:870B3687579C10781A7B110FF885964D0D91D6ECD5A68A41C4CF3F5B09421AD2302014EAE2889E38A00B6538B84E2721F0F056EFA2209383283F333F62F26E90
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\DialogButtonBox.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3207
                                                                                                                                                                                                    Entropy (8bit):4.869069840142379
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgGDgGp3Q3JFw0Xk6s9H9YMweiWt0D/6x:nd5CB7fdpFGLDLpg3v506sDYMHiW1x
                                                                                                                                                                                                    MD5:06C06A6C5FE0705DE484D089C6E803F4
                                                                                                                                                                                                    SHA1:C3C742F65EFE8DDFB72922C98C265E1E6A6A76C9
                                                                                                                                                                                                    SHA-256:8A0C771BAD8EA0DE60C8B5595C3ADDF6A6E7785426CACB7D57F30D7921524045
                                                                                                                                                                                                    SHA-512:2FF884A5929EE2E3C576AA9BE594E0CDEE5C52B2C4F288CF4AE9BFDD4737CA412FADA63442C245FD34425640AC19FE53CB56863BAF6BD09802B7BFDC2FAAB49A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Drawer.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3867
                                                                                                                                                                                                    Entropy (8bit):4.862301490461931
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDgGpPQBJFw0MyAxyhnMQxWQfgUqRh7/k/J:nd5CB7fdpF+DLpYBv51EgT4hK
                                                                                                                                                                                                    MD5:13FDABAD8449B607D5365D681CCE3015
                                                                                                                                                                                                    SHA1:7BECB74EBCFD5AFA4ED27ED41DA1828496033F2C
                                                                                                                                                                                                    SHA-256:5F37513A7BDD0DADCFDC435882DB4199A224114EC41DF8C9250AA1483F9428C4
                                                                                                                                                                                                    SHA-512:79013303748C61FE97F2E759AE1778157B2C88451F564315BA642180A6E5C5903171E3E6BB600354924B37A24A3D29168FB1C196195222EFDBAC863D0E66FB71
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\ElevationEffect.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):10030
                                                                                                                                                                                                    Entropy (8bit):4.806138037085718
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFQDLpKr5EuujsA1GqHVyPDwQHHoxOoumQ91H24L8M5nNG2oLk+WPwub:nd0BhpKvUr5EpjsA1F1hQHHRodU5oQ
                                                                                                                                                                                                    MD5:EF49589B6DDF274E2EF2E77ECD689BD9
                                                                                                                                                                                                    SHA1:0C3DE37CD559D988B9F78A845B8A6D45D6FCA35A
                                                                                                                                                                                                    SHA-256:4E223635E82795BB7A8909C15D1F2739EE7E607344187D30B929B5D8DDB09808
                                                                                                                                                                                                    SHA-512:0A3FE282F8447E04565976791D66F1A177BA7F925AF1663D7DD4CE5D5D86CD14364E7C13E2ECC59BA25B52FF1B4CAFF93B584892673328F576F526167CE77B03
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Frame.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2710
                                                                                                                                                                                                    Entropy (8bit):4.838309188288612
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDgGpXQ3JFw0akHz4y5Fc6RW:nd5CB7fdpF+DLpA3v5L5FLW
                                                                                                                                                                                                    MD5:6E05224A672A8F3683974C2BED54DB19
                                                                                                                                                                                                    SHA1:C67BD494AA339A0F025A1DE7FE0A2C3F4E8D2ECE
                                                                                                                                                                                                    SHA-256:54B7E9D18092BD8AE03E9336554F48CF5178C304457C70FF107F4A2FDAF810F0
                                                                                                                                                                                                    SHA-512:FB38360AAD57AEC7202BA891F9EA4D7F8EE7C49A1C09C5AB924ED65A0D7C77191A9508A2D88006E6762544AB015C42084F04E56CEC3BC3A19ABB85E3884EF9D2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\GroupBox.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3408
                                                                                                                                                                                                    Entropy (8bit):4.812150701263161
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDgGpqQ3JFd0kHIvaHHtWnzMCUlQjxT4y5Fc6w:nd5CB7fdpF+DLpN3v6LvaYnxHjD5FLW
                                                                                                                                                                                                    MD5:DF99BC50E44F0E6708A96BEE13C330D0
                                                                                                                                                                                                    SHA1:D153FF903F1C7C2BC5692ABF41B91DADA12F2387
                                                                                                                                                                                                    SHA-256:BDFBC86A651DB5FDF65A3FBCB7CBD91BBF295D845612BA369E317FC4A5DB3AB9
                                                                                                                                                                                                    SHA-512:2F409347A4BA5F600D07BC38258C6451C0CD7C83F27D51C4B8EF38B584FE04245A0DB4200BAAE5A7FB800CFA4A628BBDC003567966304704C919F7E9E1549E51
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\HorizontalHeaderView.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2968
                                                                                                                                                                                                    Entropy (8bit):4.8077641352008476
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M25H6E+iCsAaKj7fOWIkFy9lv8GXGBQ399tqYVt2ykFbbUWlNzx:L5CB7fdpFgWa35qYDQbdV
                                                                                                                                                                                                    MD5:A4DACE7AF6027943AD4B4513FD75EE40
                                                                                                                                                                                                    SHA1:878BE0B95889815C17D3A97ED5D5F522AD2674AA
                                                                                                                                                                                                    SHA-256:D8F333E3EC6E057BE364A043677A8E3A2762384C05FCFB2A5069184DDBFEEE99
                                                                                                                                                                                                    SHA-512:850FF7CE8304F738D9114E988FB7B9720C5D0B8A3856BF5AF354E5C96062E62024E47E7DAB3653B3458D7F2542116FDA35BA5F452C03011D83047E2C2864A1C3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\ItemDelegate.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3570
                                                                                                                                                                                                    Entropy (8bit):4.797861913310862
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgGDgGp+Q3JFbtoM2/EyZkXx2MXz1gmx:nd5CB7fdpFGLDLpB3vpoMCZZkXx2MXi6
                                                                                                                                                                                                    MD5:48495866F8B6E452907F4E90F0B1AF19
                                                                                                                                                                                                    SHA1:092CC0136EFE59B8389B7A521628FD05E59F7ADC
                                                                                                                                                                                                    SHA-256:D4FF3080E64C091CAC96A7A4F6F7FE8F2F948F468D70DD39271AA48D02F6B306
                                                                                                                                                                                                    SHA-512:1F9F95545374F75CA3E345737ABA1E86D652FB3E65B3F92FCC2118E6DC15CF6DF5461874AEABF1A1FBE0910CA8752AB6887FF1FC955AFB27B316FBF42901F3F6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Label.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2008
                                                                                                                                                                                                    Entropy (8bit):4.82410778031169
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDdqQZEtV:nd5CB7fdpF+D/Zg
                                                                                                                                                                                                    MD5:DEAEDB2DEBDF15BD087D382C28C34291
                                                                                                                                                                                                    SHA1:72FD0FE26E38F816D8572DA1C9425365F64ED9A9
                                                                                                                                                                                                    SHA-256:B82053C1628AB97B4FC2EC4B001E7368B8483B0305C15CCB5BA29B2F61E7AE0E
                                                                                                                                                                                                    SHA-512:D4B2CF07A170F9F68C19E4A98E0FAD270BE2F748C883B988217BC9BD16E3198C06DDDA9BE600E3C66AA84CF1A93E4B6ED69DB0FF88A2AC3834E08F6F770F2F72
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Menu.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4162
                                                                                                                                                                                                    Entropy (8bit):4.869740301783965
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFTDLpuS1v5EtBjYnppjEn2vCccP5FF:nd0BhpdvgmEtBapxS2vbaB
                                                                                                                                                                                                    MD5:365971BA24915164063E97690F7DAE9C
                                                                                                                                                                                                    SHA1:2A55D6FCC0512A77960FCBF761A1910D5E461FC2
                                                                                                                                                                                                    SHA-256:413199D8146BBF130A26A50753B3F8ECB8A26158A5D77C32D6B1EB22B57B3AC8
                                                                                                                                                                                                    SHA-512:A911D0CEEEA33F52DA8E30D7C946BEB14E39E873658E3EF58DC383292997570C3673A2EBC22AE1159715D5F1DA0427A76133B17C2C3BBD1BB27DF6E89EBD728F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\MenuBar.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2604
                                                                                                                                                                                                    Entropy (8bit):4.840411587708949
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgGDgGpuQ3JFw07mXob:nd5CB7fdpFGLDLpx3v57v
                                                                                                                                                                                                    MD5:68ECFF6B2C4A7B65B2D6CBE889DFBFEC
                                                                                                                                                                                                    SHA1:D7DA0CA6412D9C4E81A567C22B1AF44B64C14FBD
                                                                                                                                                                                                    SHA-256:C62DB07B4D429F9BD0CF88EAEF9B15AD8CDB58322C7656D55BE5936044EB1240
                                                                                                                                                                                                    SHA-512:DA91A917EED9C3597D91FA12C4EB4FC620BCBB4E5588A011DDC924F88749CC3CD42B10AE8E654A6920BBC6720EB6B8FF42CE7277F52106F791A0F6708BB3BC4A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\MenuBarItem.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3442
                                                                                                                                                                                                    Entropy (8bit):4.770573402116531
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgGDgGpBQ3JFbtoM2cEyZkXxmz0wwX/gvx:nd5CB7fdpFGLDLpa3vpoMzZZkXxmos5
                                                                                                                                                                                                    MD5:9BEB46066F22FBBBE53106B5FFB6AEF3
                                                                                                                                                                                                    SHA1:10E428EB0D85678230CD138F18536C0AA5CFC53C
                                                                                                                                                                                                    SHA-256:F3A31AE3CEEFEAAE4FDA9A173FD3EDB0DD817D692236120572D874F7FD2838F3
                                                                                                                                                                                                    SHA-512:B7A647B35E2BD15CB5BD43C0CFF81FAB42BF54033E4EB2FFF88A59B0D64C0D2B230AB1907D92F392A71B53C6DF0A6A0D5E1B806A6C4FAA00742AED06A6742F20
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\MenuItem.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4788
                                                                                                                                                                                                    Entropy (8bit):4.767659902718251
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFGLDLpJ3vpoMWZ4xy0FQskXxmooe5:nd0BhpAvdJg4x+xR
                                                                                                                                                                                                    MD5:10972CD75BE888A0F031B6C6D2FA0E16
                                                                                                                                                                                                    SHA1:354218F2EBE99D987B7AFD2DE04BB7D7A7763E5D
                                                                                                                                                                                                    SHA-256:A7E1B2398C5CBFF591FE34270FC800E2DEBAEC810689744D58BAAA149558A619
                                                                                                                                                                                                    SHA-512:55CF2C2265A5D3604305B29D5998A0D9F2E10709893133A19709C2328F742E065F2F3A60D79C3C10A2C165233A225DEC899D4F60B0AD2A6FF8852F4C7EACE73F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\MenuSeparator.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2400
                                                                                                                                                                                                    Entropy (8bit):4.831926312624564
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDcDQ3JFbtPTslb:nd5CB7fdpF+DT3vpro
                                                                                                                                                                                                    MD5:5F7E2FA195063A499F450D38AC067AD2
                                                                                                                                                                                                    SHA1:FC02285B676D836409B46B57EE2D798EB256402B
                                                                                                                                                                                                    SHA-256:8CFD1C4238B721C2FFC6ABB4132F5670E45A6768AD5CBAC7413FDC5BBFB4D92F
                                                                                                                                                                                                    SHA-512:2186361D3C9A1C889C311508C2D92EA20C428B528946DCED53CFDCF312E643BB4783235691BE1EBF0644C2DC52ADB85796D6CD172FA627B1EC4CF6FBCD27E497
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Page.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2588
                                                                                                                                                                                                    Entropy (8bit):4.772227959654226
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDlQ3JFm0QuLYup+b:nd5CB7fdpF+De3vn3L/p+
                                                                                                                                                                                                    MD5:CBB179BD9C4898ECC26A6EC3C82A41C3
                                                                                                                                                                                                    SHA1:61B2FC2C285F19D0037B825229BDBC9E2BB318B2
                                                                                                                                                                                                    SHA-256:DEFAA9EB6822493956BCA3942ABFFD8C41EC10D40653EBE48147A00C321A4BB7
                                                                                                                                                                                                    SHA-512:4FF25C655307C36C6077EF936AB27C0FD47D8A64BAD5D761BC4E582764524B67E4127E7EAB6CE8A70ADFB6A74EA52579D51123DD1FD22FFA8089CB28A7CDECA4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\PageIndicator.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2795
                                                                                                                                                                                                    Entropy (8bit):4.828338932063428
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GD6DQ3JFbth60+jzyZZZ:nd5CB7fdpF+DZ3vph60+jGZz
                                                                                                                                                                                                    MD5:EB291290659332B4760637A4A13C9BB2
                                                                                                                                                                                                    SHA1:8C8B529B020F7F58C911B37587E065197ECE76B3
                                                                                                                                                                                                    SHA-256:F7A71B592744EA1A88843238B5576B4DCD93BC923D79585D3BE0C54F749C1A96
                                                                                                                                                                                                    SHA-512:9E5BB4EC6E40617094C05C10734298A0D60F027EE19FB2C4E383BFA6A7197867350626C024E9BFBA9B2D250A65171DCDE90D5F952EEB9B43C82BF9B86FF051D3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Pane.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2594
                                                                                                                                                                                                    Entropy (8bit):4.8344449556473075
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDgGpUQ3JFw0o+MFc6RW:nd5CB7fdpF+DLpH3v5eFLW
                                                                                                                                                                                                    MD5:E5FDD28B572D970E35544C60FD8BA0FF
                                                                                                                                                                                                    SHA1:177441A046688D225AB8B60F67D1D8755239535D
                                                                                                                                                                                                    SHA-256:158D1F2A7C116DA47489FF7D022314A79198A9C10784FB04B777B19A9906A284
                                                                                                                                                                                                    SHA-512:F84CF4159FD462FD33AA3E4464F0662FE362D812813A5A688C6809847D906C029BD3471CB8F5F5B3E74471D08C593FCC3037BDD858E62B5DFAF1E501CE2BE603
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Popup.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3464
                                                                                                                                                                                                    Entropy (8bit):4.898820195124723
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDgGpwQjJFw0FQiYnpetijEnIy5y6RC/k/J:nd5CB7fdpF+DLpDjv5FjYnppjEnF5FF
                                                                                                                                                                                                    MD5:7046F5FF3A70AFCA04B39F430AB475B7
                                                                                                                                                                                                    SHA1:DC7DC60B93B54C6E11CD696927FFC11F3D1E28ED
                                                                                                                                                                                                    SHA-256:B25507E5FEFD22BAD1CE21C0CF7910C448789EEA5DDBB74D7B17BDB4059CE6FF
                                                                                                                                                                                                    SHA-512:A58099AE5E66317A1C8B14DEC37896DF1F535327933FA27060FF82BD16062F3166AE78CF7F8D966A83C10CA95960743AB16198E6932DAC4409146603CFA75B7B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\ProgressBar.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2820
                                                                                                                                                                                                    Entropy (8bit):4.837609805236169
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDgGpiQ3JFbt8zgLozak8sBS:nd5CB7fdpF+DLpl3vp+7zanX
                                                                                                                                                                                                    MD5:D1C0A356DE670765571C5E8E4F0F8209
                                                                                                                                                                                                    SHA1:15B8228E3AECEDC6F904A311838589B03B47BE05
                                                                                                                                                                                                    SHA-256:9AC78116B02C1BCB4DCDE91170B10B8DD7BF532F0B800E81BD3C948F5CDA956C
                                                                                                                                                                                                    SHA-512:ECB8EF343476916484F60A840D2F6D80E85C96C221B175A69747FD8186C927D6EDC82839752E2ED66B2960EDC2009DC2B205D184E547299162EB682D8D4855F5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\RadioButton.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3654
                                                                                                                                                                                                    Entropy (8bit):4.7911429859967205
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDgGpFQ3JFbtoMXe10J4Z6/E0xeskxgzMCUlN:nd5CB7fdpF+DLp+3vpoMtqgWgxs
                                                                                                                                                                                                    MD5:565BF9F71B56FA741400574DACEB11DF
                                                                                                                                                                                                    SHA1:1390677D50F5C32E920FE1C79FDA5C410C4FA922
                                                                                                                                                                                                    SHA-256:A9DAEB562FCEE84DA8E896456C5E8FECDE4E49842EDDBDB87BB45F9E0038CB99
                                                                                                                                                                                                    SHA-512:4FE1BC10B616BFDE5CFCB534F5CC4D7504EF593C4FD68F986130F4B3A5A33202EE1A29A553A215C055CE4FB05D533ADB0979CF6AB075F7C95C8907F857D355EC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\RadioDelegate.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4065
                                                                                                                                                                                                    Entropy (8bit):4.792295622948737
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFGLDLpt3vpoMCZLSickXx2MXi6:nd0BhpAvNJEL5xvN
                                                                                                                                                                                                    MD5:85BD4CF930049F7FAD1A1157CF56E2B9
                                                                                                                                                                                                    SHA1:6B96630AE511416426C53F3CC9B311AFB3B8B8D8
                                                                                                                                                                                                    SHA-256:01CEC46769B7E16A3FFC84123CBBED009A5D565F3D455364C79ED1C0A0006D0F
                                                                                                                                                                                                    SHA-512:67D74C13F5707F94D159E8F9A7352B5A0D21B6F258A98C6C18B8C777B26772CFEAC3D434AF09EA6F9136BF3B8671A37511DEEF5B18CE31ED81B4D7CE172223F2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\RadioIndicator.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2519
                                                                                                                                                                                                    Entropy (8bit):4.827600648510387
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OGDgGpfSiK+T8ocf67:nd5CB7fdpFQDLpf2vNC7
                                                                                                                                                                                                    MD5:3C3E1ECD5F2D9B1C8B8ADF7941BFEE71
                                                                                                                                                                                                    SHA1:EB1EF91F402F7FDE38B6DFE79BAE0022CEE5BAE7
                                                                                                                                                                                                    SHA-256:302175E3FAF2093C879B338872688F9193579CA681B5EE4287807CC487A56DD6
                                                                                                                                                                                                    SHA-512:D753CE1817DE8FDBBCC672FBEAF1740FF993B9573764C1903C893539B04858BE3CA66B8F734CE9A282A3B00692D0A52E32B28952F717C1D2BE8651EFC4D785F2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\RangeSlider.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4757
                                                                                                                                                                                                    Entropy (8bit):4.795633305434376
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFJLDLpF3vqSs1Z/6Hzt6/1nLdBPuh6mj:nd0Bhpjv2Ss1V6Hzt6t5BPu/
                                                                                                                                                                                                    MD5:517BC83A0059AB0501D89E95B479A244
                                                                                                                                                                                                    SHA1:84BD154840AA09E0349550B466C9A662E53DF8C9
                                                                                                                                                                                                    SHA-256:9119C70F03475B4D5AF2579302986B0694AB4FA6CEB4937B311E7B00A5611C4F
                                                                                                                                                                                                    SHA-512:6E08F72783689DF48BC3A604DBC25FA69B03DFDA1B8C3AEB48AE8F6847B9CEB59BA2FA614A1C8C94B873C61561A392FB02317FE5D3D45682602BB14E6D4DD9BE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\RectangularGlow.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):8309
                                                                                                                                                                                                    Entropy (8bit):4.498428163270163
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy99io5JAS44kH1KWRmoAAJ/H0SAAd449lM688YAAdC:nd5CB7fdpFWJA/RmEZRMTmtnWwbQ9VI
                                                                                                                                                                                                    MD5:F98E2EAE330AEE1FC832A15FC395AE4D
                                                                                                                                                                                                    SHA1:BB91C3051A65832000DB517913F8A4B122C10F5C
                                                                                                                                                                                                    SHA-256:E4ADE2E5C1600BEFE2AE31221035B5BEEE33ACBB9395DB6911C32B117C10A300
                                                                                                                                                                                                    SHA-512:C263A0A3AE0AF2C665A079C4D77E931322FF4A6F062B3AA54D9D96540D53A1CB9D761E2901DA39F869528F3B4F2867DBCB65540D8BF42E876E643C64DE95F944
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\RoundButton.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4702
                                                                                                                                                                                                    Entropy (8bit):4.724663373079018
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFGLDLpF3vpCQ2kXxYTxUbYbZ2FYW:nd0BhpAvJXxuNY
                                                                                                                                                                                                    MD5:3A77FFFE5EEBC0606072577F2995448A
                                                                                                                                                                                                    SHA1:1A2EF46A74648931CE7A4B2318D62C1AEC0E8E8F
                                                                                                                                                                                                    SHA-256:6BA91BDE18BF2CAE35DE1815F2A1B8C8CF86765900C16B3599CD9650F7F6DF74
                                                                                                                                                                                                    SHA-512:E1E2F0CFE991518AD4D1DFA05AA44018F1EFF79AD1589B44DF816F89104CB01E9634CF4374377FB942117472582D576C4198206CE4AC7694DAFD2EC916F75338
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\ScrollBar.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3771
                                                                                                                                                                                                    Entropy (8bit):4.840999626567917
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDsQ3JFbtySQkc2fEZHHkDPxEXiHoPxZ:nd5CB7fdpF+Df3vpy1kCFKPaiHoPb
                                                                                                                                                                                                    MD5:9B79FE506F854CB5E7615A2C241E3755
                                                                                                                                                                                                    SHA1:BCFB14A7B8AC3DED6B1554DF75A02D6B8A65A208
                                                                                                                                                                                                    SHA-256:AE326BD04FD07A2417F5583F2B06BFB68EE166938D1C651F33198F6E4665CB91
                                                                                                                                                                                                    SHA-512:736C108E7F9C524AA68DA52AB22403E068BC347FAC9AF02A77E2B1A1133D5956CBB13B782B9C0C195405685C6FFF0C597DC514D12DBC29D7BCE3B5609C1979ED
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\ScrollIndicator.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2967
                                                                                                                                                                                                    Entropy (8bit):4.755864058965555
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDsDQ3JFbtnRBNxAF/k+isH:nd5CB7fdpF+DD3vpnEJxia
                                                                                                                                                                                                    MD5:435FCB5EAE11DAD6B2411D5BC0787216
                                                                                                                                                                                                    SHA1:CEE1645E5D603A95363D99B72A250500BE9308D1
                                                                                                                                                                                                    SHA-256:A66BA3C2CEB4766CA959A6C94971E4FB3FB2B33FC6157EC89E22F9DEC6B8B5CD
                                                                                                                                                                                                    SHA-512:0836172997069DAC8287ED2D7A07E67DE8C659360D13A8AC6C50921D9F8338FB8BA1AFD4C1205DE09D6447F654D387009E4E1C34D9311E1A0F8A516BD34AD2A6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Slider.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3963
                                                                                                                                                                                                    Entropy (8bit):4.829478647325663
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFJLDLpo3vj896/P3nLdBPtF9m2:nd0BhpjvY896/v5BPjV
                                                                                                                                                                                                    MD5:46D343D4FC318CB86E1676A789915BA1
                                                                                                                                                                                                    SHA1:5218BADEBC40B2E50449A545A7843988D859A016
                                                                                                                                                                                                    SHA-256:BEF54AC22986A64AB8539D90568FC1A017FE0ECCCD1931F56A1910E429D0B922
                                                                                                                                                                                                    SHA-512:E611F7959AAACAD4527E2EDC1EF3D0C49EB015FEE1C25C135657D04910C32380BE8080D6E2FCA34506F4AB742D05911E7FA711DD5BDE4CF79EEF06C60D3F3890
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\SliderHandle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2932
                                                                                                                                                                                                    Entropy (8bit):4.78290740051343
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OGDgGpWnX+9o37M+fHMyzBADYfNsYNvb:nd5CB7fdpFQDLpWO9o37M+fHBzKMltj
                                                                                                                                                                                                    MD5:D647A5CD428C2DD080AEE1D246CAACB3
                                                                                                                                                                                                    SHA1:A5F9D762FC50421B78D55FFD60FDBAE57D75F69B
                                                                                                                                                                                                    SHA-256:BE6421A3B9D158DE3A94B9F737DE8538432414BC3D2AB94977D31CE1FAE755EE
                                                                                                                                                                                                    SHA-512:8DE0E39E5CF2721BADDB2A63AEE00A8BF07107E95FDA57F38E417B7EB3EBEB70193372285CDE17B6CF0760585BA49E755D50A5F8676833FF2B1BEFE9C1A48BA4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\SpinBox.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6225
                                                                                                                                                                                                    Entropy (8bit):4.618752935327141
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpF+DLph63vURkq3KjKbnuzjBUg/HLvWLTFuzjBUg/7ATw4VfsT:nd0BhpsvUhfxD
                                                                                                                                                                                                    MD5:1F3CF71216E54DFBD0A6A352907A95C6
                                                                                                                                                                                                    SHA1:AADC4946FDDD3BE151AB78AB64BC69356A3110FA
                                                                                                                                                                                                    SHA-256:563CA893E4477876ED5DB6DA9F981D0E6D60662378C7D4B77053B1226317C409
                                                                                                                                                                                                    SHA-512:2EE5821C9FDB31B2230F2919C8BFC894B656E5CB32F01F26291E9BC1F15BF8473535F678220BE4F90FA87385A1F9BE63ED7A666A142FC0BC5D1DC520EEB449C5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\SplitView.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3315
                                                                                                                                                                                                    Entropy (8bit):4.790674071189243
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M55H6E+iCsAaKj7fOWIkFy9LixvGmQqJFbtyz6f9JfDZFt:U5CB7fdpFOpqvpy2jZz
                                                                                                                                                                                                    MD5:E46181340B2D9E90775F686AFFF9C2AE
                                                                                                                                                                                                    SHA1:73BAC5091904762063E7D9AB1DFA1D49C3570A5E
                                                                                                                                                                                                    SHA-256:4248D6703D05D41480FFAF12ABEFC63F020B204221684D73D64957ADDC3A8B4F
                                                                                                                                                                                                    SHA-512:34CE77D44809A969247B76DB66F03EAA20FC9B94413B2E49FF9647B7E2841F32B1B271197E510B73FB45BC22F4EA70EDE14D6E8F5C4F24C93A800D8D58526442
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2018 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\StackView.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3885
                                                                                                                                                                                                    Entropy (8bit):4.951612981046042
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpF+DsV7p82+ij+spJOP8u+spk0OPO:nd0Bhpsa7pQiispkP81spklPO
                                                                                                                                                                                                    MD5:10E28FBB58B8A780C527A32A59114312
                                                                                                                                                                                                    SHA1:EB9CC1B8847B3AE2882926429014B1B257E87C1E
                                                                                                                                                                                                    SHA-256:09C499DE9CB6DF74464FD5A66C9A58AF16E34FFDE3E0C67AC12D0E0C81ACFAD6
                                                                                                                                                                                                    SHA-512:F6571C71E912B1850CD6F2211030AF6D9BC96CD32A5AB6D5801EA8FF0ECA679AF72620060A5F22A6D44EE3116013FA20346A4003A00AC1357957E14A9A067611
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\SwipeDelegate.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3887
                                                                                                                                                                                                    Entropy (8bit):4.773238807520014
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFGLDLpQ3vpoMCZ8kXx2MXfUbK/Ec:nd0BhpAv2JExxvvAc
                                                                                                                                                                                                    MD5:C8A4636D811A78B52E3A333EF90AA494
                                                                                                                                                                                                    SHA1:B1A3AA6D7250ED974AC7B21DF7598F6919A6D5AA
                                                                                                                                                                                                    SHA-256:B19EB0EC5894590163F09F7B66A236CB30EA2C63E3E79846EABC4029A3792F13
                                                                                                                                                                                                    SHA-512:520272046579D975FB9E32DDC330DB698CDF099214D7B95F9B6ACFE03AABB9D05E39501464076AB08827E68248A32AEF4F2220F460E5F5A62AFE5C653875B8AA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\SwipeView.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2830
                                                                                                                                                                                                    Entropy (8bit):4.839139747866962
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDdQ3JFw0IJeSaVzdSw4:nd5CB7fdpF+D23v5I3aG
                                                                                                                                                                                                    MD5:55A2CB6F3D43441A3AB4D20CCCD8BC27
                                                                                                                                                                                                    SHA1:BE8DB5E36F2333E68976D0A655DB9C047131A7DA
                                                                                                                                                                                                    SHA-256:DF48A6406527FD52342CBD00D50D4F749D023086A01814EA8FC6C550A2FC53E3
                                                                                                                                                                                                    SHA-512:FA05783EDBB4174458FFE860EA3F93740B386CA1BA48309BFA551A410D7267949D0AB652FA78B5DF9B32889A31A67C4A87D6B5FF031DE0A80958E68B62E76F3B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Switch.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3612
                                                                                                                                                                                                    Entropy (8bit):4.796786231360721
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OGDgGpg9Q3JFbtoMJA0J4ZWfsu8kE0xeskxgzMCs:nd5CB7fdpFQDLpr3vpoMFLfsu4gWgxs
                                                                                                                                                                                                    MD5:EC5BF32BB60EDCDB2F1C1D07F05E1CDA
                                                                                                                                                                                                    SHA1:D9CC82E6832EA93A2B87A136FF42463CDB27C14A
                                                                                                                                                                                                    SHA-256:E65C894AE653242836BED8789B72E8A208A8D743F840A73E9B6BDDEDEDD11A31
                                                                                                                                                                                                    SHA-512:F0D92BDCFD28CB0FA467F7FE8AF53F96022DF55B5AE81F12666742D3E46B421A443A953D57C3E7CE40E43AE6928E3076CDA14CE86B3465BA01B85217930F2538
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\SwitchDelegate.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4104
                                                                                                                                                                                                    Entropy (8bit):4.794699611379986
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFGLDLpu3vpoMxZ+SickXx2MXi6:nd0BhpAv8Jv+5xvN
                                                                                                                                                                                                    MD5:8760D7638C811958C997AC97746FDC96
                                                                                                                                                                                                    SHA1:CB5D0324B0E2CF7C90C745F667102EB2B14722DE
                                                                                                                                                                                                    SHA-256:C897DD480D12643F24A357B1969B78B91DA6B7E8A950DF2092856010AB8A8E07
                                                                                                                                                                                                    SHA-512:56CF699B98F0EA9C97740CD5FC7770FEFBE90BA9A801FED5CEA855FED8C3EA53207FF45028FF2220D8EA1553FBF797ADFAD01AAC46D422EB9E82781DC7B880F6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\SwitchIndicator.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3330
                                                                                                                                                                                                    Entropy (8bit):4.752119040809457
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OGDgGp5Qq7rgI67BA/X//bXv6VZy/Gly6Ra:nd5CB7fdpFQDLp5/7ULEXbCVo/mFa
                                                                                                                                                                                                    MD5:2EC9174D585AA4F418A831EDB97C0B9C
                                                                                                                                                                                                    SHA1:E2C3ECBE6E7BC4FFA8DD5CEF3767BA3438F76C3E
                                                                                                                                                                                                    SHA-256:F01406646BB316E79AFCF276DDC59BC70BA46DE58562B1173A6ADF33728DC7F4
                                                                                                                                                                                                    SHA-512:00D834A26C0506C183E37A5ED077067684B63BFCE40D3662596C6E31F19B6CF3E3C743B575C3D6A764C1D8B925C9B65055838618842F6BF345CE48411EBE4FFB
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\TabBar.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3437
                                                                                                                                                                                                    Entropy (8bit):4.785298813653595
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDgGpmQ3JFw0cwlc8L8Nd2JB54xocy5y6Rsf:nd5CB7fdpF+DLpp3v5cNz2r5ws5Fsf
                                                                                                                                                                                                    MD5:E0C9C5E2BFC89B835932400D5F5FC80F
                                                                                                                                                                                                    SHA1:063643A8DEF7A64BFACB373F2B1E6EA9291F3EEF
                                                                                                                                                                                                    SHA-256:DF91849DA352EB0A6FA50AD30188014BC8EE8927676EF2108B7DDF55A3BA97B8
                                                                                                                                                                                                    SHA-512:93E21896F9F31F2E02D7B36E7C52AF63862C6E62422591250219F3A680527B42FEF4D107A89DC33D33E919F40188982AFC88346864E054FAC5331C2CFD3CABDD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\TabButton.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3208
                                                                                                                                                                                                    Entropy (8bit):4.826535254116028
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgGDgGp5Q3JFbt+kXxOqgb:nd5CB7fdpFGLDLpS3vp+kXxOqw
                                                                                                                                                                                                    MD5:22F5EF66ACA2F5F123545E57DA4B9995
                                                                                                                                                                                                    SHA1:E27C692FDC8EC203F3A331481166237A6E15BF27
                                                                                                                                                                                                    SHA-256:6D87E0C63D2A080B7C6728A3E3DFBF8F792032034EA770710202592F1BD532B1
                                                                                                                                                                                                    SHA-512:3627C4ADCE5B6EF2EE4E62280C4394026273DC745301BE6AD463CEB4FB13B0B71EA76BFE4C1121FCF81BCA1044CEBC5C302983541E1227F456823BD6B1274963
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\TextArea.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3727
                                                                                                                                                                                                    Entropy (8bit):4.830699947184764
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgGDgGp4Q3JgZLzAjPERh1FjygPi/PCdWFob:nd5CB7fdpFGLDLpr3ONmPMndWa
                                                                                                                                                                                                    MD5:07D5EB3B82FE60F2E43ACD5D2C11C147
                                                                                                                                                                                                    SHA1:73CFA3E99F861EBFC64751BF43535661BBB898FE
                                                                                                                                                                                                    SHA-256:CD31510A2D8460FC131E5A94D753D0B923F50626E575131DEC9C94CB7EE540C6
                                                                                                                                                                                                    SHA-512:2B169294E7F9F281E51BA6254AD43398E0DF5E1586C4B520B432AD3045A0041D8D8316E3C3AC4432D094438C44A95380BA81E56D33460CA64A9E9CE5DCEAE027
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\TextField.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3820
                                                                                                                                                                                                    Entropy (8bit):4.8410761106012945
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgGDgGpzQ3Tw/nP0p9PERh1SijygPi/PCk1pM:nd5CB7fdpFGLDLp83TcszP0nknI/
                                                                                                                                                                                                    MD5:81914053CF4C8B51173BCFDAB127BE2E
                                                                                                                                                                                                    SHA1:1222B9204AC958072ECAA1E28F7D80C987B71685
                                                                                                                                                                                                    SHA-256:09A990D8A73091DA451FE46D518175A4D794B9E955FF45920D0E9D8F4063458E
                                                                                                                                                                                                    SHA-512:35F16E4E063FBBA6A54844E387DBA874B65AB9BBB8BC9E5F281F43F397F85D915090B3A186C68916B172CE0D4FD040EFD65F4E70A9E9500843822901E17ED55E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\ToolBar.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2656
                                                                                                                                                                                                    Entropy (8bit):4.830282251562865
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDgGpVQhJFw0myjy5y6Rsf:nd5CB7fdpF+DLpOhv5H25Fsf
                                                                                                                                                                                                    MD5:CECCF52B0AEC6FBB914633703AF7A1FA
                                                                                                                                                                                                    SHA1:299363C51B8BB0898E3300A8A5451F3CA85BDA04
                                                                                                                                                                                                    SHA-256:69EF1C4BF0329EB9FE2E6DDEC7E584A3E38430250CA3D9EDCC38181D6E44E636
                                                                                                                                                                                                    SHA-512:8C1968A391708A7F9726D058C831C930D83C613BD33764BE1B6F759ACAB536090F42D2996F1CEC063210A24C794D8F3DEE7D1A2AB8B4D9700EDD9D4F0CD4B49D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\ToolButton.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3602
                                                                                                                                                                                                    Entropy (8bit):4.812649874502562
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgGDgGpAQ3JFbtBkXxSWrj7cMb:nd5CB7fdpFGLDLpT3vpBkXxSWTcc
                                                                                                                                                                                                    MD5:42B68708A8B18C126569C42844D844CA
                                                                                                                                                                                                    SHA1:E1DB4E42E6609532AC4731A8CB66866229C85FE2
                                                                                                                                                                                                    SHA-256:8D3AFD8D199595659F42212168ABCF55B7D1AC212A6616573BC083F73CCA1B21
                                                                                                                                                                                                    SHA-512:F48C3575E793E631915BC719FEFFDAD673517AFDD9EBDE93168DF4E4B7306A5C3ECD5669572CAA1A091A044503EE0E3537314AFB65C41FC613EA023EC7E03344
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\ToolSeparator.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2489
                                                                                                                                                                                                    Entropy (8bit):4.847822761591629
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDDDQ3JFbtM0QHb:nd5CB7fdpF+Dw3vpvQ7
                                                                                                                                                                                                    MD5:AF500ECFBBD1A4792B16FA5C373D9FA4
                                                                                                                                                                                                    SHA1:7FB693155D9DE76B81BC5505BA33A91A7F5F0A36
                                                                                                                                                                                                    SHA-256:595E7895E532F29F9CA2DA32501522B8C8360664238DC82C7793C73AEBCC3D1F
                                                                                                                                                                                                    SHA-512:10E9227C90ED7CD4D52C5D5CA196F1D28F59736A874988FFB46A7BBB18640D6176C33E19E86B00AA8651E877484450E64733EDF6830940F347871FBB57312292
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\ToolTip.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3206
                                                                                                                                                                                                    Entropy (8bit):4.885163038662627
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDlQ3o/JFw0jYWspetiF8ebpt:nd5CB7fdpF+De32v5jY/ppF8ebb
                                                                                                                                                                                                    MD5:CB7A270AC99A4F764986C3731EC6A906
                                                                                                                                                                                                    SHA1:AA9245F722DB3C96084E42F4AB3515D79E0ECC93
                                                                                                                                                                                                    SHA-256:6085F068214BFB06C453F1B671576AC585072A02638D871E212B7FFCBFCEB3E2
                                                                                                                                                                                                    SHA-512:14AC48489D020D7DC406499A4192372D2D344537A9252860DC914D70CE3D85E7476BD4FD6220E6CD335F9AE644B05018F3A6DAEC7E13E1DA896D1BDEC7321F97
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Tumbler.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3317
                                                                                                                                                                                                    Entropy (8bit):4.826698729490084
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhg9GDtQ3JFI4CtfXKeGlZusHPwLA:nd5CB7fdpF01DG3vIvyrwE
                                                                                                                                                                                                    MD5:2D0F59B773A845F7F6105A2E6A6CA9AA
                                                                                                                                                                                                    SHA1:686126D568A0B636F4652EB820B6F94433575BCB
                                                                                                                                                                                                    SHA-256:1EF694FF3D76110423D945F9ED5948BA86587DBD130BBB953C1B88F3F7C08729
                                                                                                                                                                                                    SHA-512:06648257FAD90471945F4D56A47C1A0D93E65E1DF957A6A817B91D569CBE4A9EFA7826CECE30202EEF4E9BAE91AC2A8A55BDCA6EBBC2179A8C17C248862D5AED
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\VerticalHeaderView.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2965
                                                                                                                                                                                                    Entropy (8bit):4.806250208072157
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M25H6E+iCsAaKj7fOWIkFy9lv8GXG3Q3rNqYJfykFbbUWlNzx:L5CB7fdpFgWg3BqY8QbdV
                                                                                                                                                                                                    MD5:67CC5584067185FD2979461ED17C75E3
                                                                                                                                                                                                    SHA1:0824D45DAC32996C1F4ABC9294D5E77A8BEDBFC6
                                                                                                                                                                                                    SHA-256:B58DEADECF19234D92FCC035C0B773271B4CFDCCF24CD06E300F7C81903CA433
                                                                                                                                                                                                    SHA-512:C96E7782C9033D28279F5572AEB4910420A52CB72D6DC3D017C240FF50205B6D94D1C8FEFE9065E2F80644E9E38E1B37B5F7D76C0D1951E58D341FC16556B5C4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\plugins.qmltypes

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):19745
                                                                                                                                                                                                    Entropy (8bit):4.398954459962296
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:0OEsWJxl7IC1CoZT5zkTmOG8pHBhk99bry4:0OEsWJxl7ICMoZT5zkTmOG8pHBhArj
                                                                                                                                                                                                    MD5:9DF4F4EC635616DEBA44BECF1D4B1289
                                                                                                                                                                                                    SHA1:550EAD9AF422A5CCABB4EBACDD53A23F3A4FFC39
                                                                                                                                                                                                    SHA-256:65CEA887FC78F250BAC61E4E4B6BC9F21C9443F74CA16C6461B808574C5BFD98
                                                                                                                                                                                                    SHA-512:92107583FC0A94EC5F6665100036099293B02995BA32384DE61BE1172B1E51F75D7644DD4B262627A7B00B58B9D0D19F6067292BE259285F56D77F0EB1A4AE40
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:import QtQuick.tooling 1.2....// This file describes the plugin-supplied types contained in the library...// It is used for QML tooling purposes only...//..// This file was auto-generated by:..// 'qmlplugindump -nonrelocatable -dependencies dependencies.json QtQuick.Controls.Material 2.15'....Module {.. dependencies: ["QtQuick.Controls 2.0"].. Component { name: "QQuickAttachedObject"; prototype: "QObject" }.. Component {.. name: "QQuickItem".. defaultProperty: "data".. prototype: "QObject".. Enum {.. name: "Flags".. values: {.. "ItemClipsChildrenToShape": 1,.. "ItemAcceptsInputMethod": 2,.. "ItemIsFocusScope": 4,.. "ItemHasContents": 8,.. "ItemAcceptsDrops": 16.. }.. }.. Enum {.. name: "TransformOrigin".. values: {.. "TopLeft": 0,.. "Top": 1,.. "TopRight": 2,..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\qmldir

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):155
                                                                                                                                                                                                    Entropy (8bit):4.5598280105456475
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:3BV9NKfNDyVMURCNajJW4whvyWmopCxKD4yMg2cakyxRS9NKSvn:xVfONDGMUj1tw58oI04oG5Cfpvn
                                                                                                                                                                                                    MD5:087236C6EB9A82D9BB57278A08D5D039
                                                                                                                                                                                                    SHA1:B31AC662CE411E2DE7F87973B1A213E3AC620D0C
                                                                                                                                                                                                    SHA-256:BD78A9455635EAC335F2FD294323939B70B5906DC3C26C83441920413157E533
                                                                                                                                                                                                    SHA-512:705FE9B9C21E525E83E66C2594EABF01D42EFE66D7F44CF61A0C8539D7FDE08D75DF5C83E056F49100C901E2073BB9DCAC0457214D5DF32C7FED815F1C0ED9DE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:module QtQuick.Controls.Material..plugin qtquickcontrols2materialstyleplugin..classname QtQuickControls2MaterialStylePlugin..depends QtQuick.Controls 2.5..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\qtquickcontrols2materialstyleplugin.dll

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):746480
                                                                                                                                                                                                    Entropy (8bit):4.656573871864589
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12288:6+pIreBgpxprwppphpVphp/pnp/pNp6pQpQpxpVpApB3p/p4pWpcpgpCpopipmp+:5geUJ
                                                                                                                                                                                                    MD5:B7D862F5F15E86B73C670913684FA8E4
                                                                                                                                                                                                    SHA1:8266952E8E14D04B5E710563935791D1DD90A2AE
                                                                                                                                                                                                    SHA-256:2EABB8E5F3B57E42C6F29DB645EDC4BAC17910B1AC0D8D0083C66B152F8878B8
                                                                                                                                                                                                    SHA-512:E68E6298F557CB92EB2AAA9D334621EB1B29AB1186A4F25E22F28667B5EBC4732639827C5CE136360525F0EE300FF37ED424DD311626AF3FD5C36710FBF0FF23
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........E..............z.....n...............n.......n.......n.......#...............#......#.......#.......#.......Rich............................PE..d...9.._.........." ......................................................................`.........................................P................p..x....P.......H..................T.......................(...P...0............................................text...]........................... ..`.rdata...M.......N..................@..@.data....6.......0..................@....pdata.......P.......0..............@..@.qtmetad.....`.......<..............@..P.rsrc...x....p.......>..............@..@.reloc...............B..............@..B........................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Menu.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3132
                                                                                                                                                                                                    Entropy (8bit):4.814273270880492
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhg915Q3JFw0cw/NtPCccswXO:nd5CB7fdpF0US3v5l/vCccW
                                                                                                                                                                                                    MD5:C17D3D7BFB6888203D88C2C8E5391B7B
                                                                                                                                                                                                    SHA1:9A3F9E3E37F513AE66BA4B6C012B2B7FA3906890
                                                                                                                                                                                                    SHA-256:071F5C638437BBCB3C6992FFA69F4A459F148D060C342F1D0F5E6C122201E743
                                                                                                                                                                                                    SHA-512:707414AA1ECA3B3B8C4CBAF1E39632FE495E60BC9E8D602AEE89A7289F71EB81466E7E1411A929AB50BB924636820109EF2801EB92D2A790CBE8C1A4A7DCF988
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\MenuBar.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2515
                                                                                                                                                                                                    Entropy (8bit):4.821005781824648
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhuQ3JFw07mX5:nd5CB7fdpFGx3v57q
                                                                                                                                                                                                    MD5:D71025F7D7E9ED4129595A7A0168BC8D
                                                                                                                                                                                                    SHA1:A2EF2D3D093BE18BE7FBC220EE742477C1326222
                                                                                                                                                                                                    SHA-256:E84583C39B610DBC2E89B9D284E6850D4DC80FD7C2151BA3A55D4BEA9926262A
                                                                                                                                                                                                    SHA-512:09BEE1B070EC4B7CF3235F65FD4294816778D3BD263C6CD3EC42A6C31A33ECC5A2B4CAB6A7D03DB276AA6D7110DC2D304B2460205B064C1399E4442E948469D2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\MenuBarItem.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2994
                                                                                                                                                                                                    Entropy (8bit):4.804111096356225
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhBQ3JFbtoMokXxtwwX68:nd5CB7fdpFGa3vpoMokXxtz
                                                                                                                                                                                                    MD5:8ECD638D4ED2FF8B1803D1D5196C1556
                                                                                                                                                                                                    SHA1:5595E12AD1A6FCED601F2A2F4D0FF911F8F0FE58
                                                                                                                                                                                                    SHA-256:25267737CF4A0430631BC80B509647B605B903D9C2BB39A7D0FA05DF3939F5B2
                                                                                                                                                                                                    SHA-512:D81E449DDAD983AB9B89B4C5F8B28A7713D7FA511C0FE23A917E87E4F62992B49D3E24B0C14C50B3E392E6F974ED92B0DD08316752D4DF18EBB86E6982D4113E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\MenuItem.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4379
                                                                                                                                                                                                    Entropy (8bit):4.80556368692418
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgFQ3JFbtoM9Zxe/xecakXxntM44QY4jX8swX/:nd5CB7fdpF0X3vpoMtQskXxKLyM3
                                                                                                                                                                                                    MD5:B05869D66C6D02AEA7FEB9CA883D8946
                                                                                                                                                                                                    SHA1:8ECA11E561E4C52DA3D3E6C8EC32A8D640382E30
                                                                                                                                                                                                    SHA-256:2AD146A44A773E8105BBA1A9A1A2552D4F64C0990C7EC48E3A98D59044398BC4
                                                                                                                                                                                                    SHA-512:C55D6326A1E0C68D36DA8272C3BFDB5B1060088617E78BD76B4257C71DF02EE3C4C927268E5FBBD46740FC68BE41C3A95B50E1B4B77048581C2D679470636D12
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\MenuSeparator.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2442
                                                                                                                                                                                                    Entropy (8bit):4.839225593423535
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhg5DQ3JFbtrjyA:nd5CB7fdpF0V3vpP/
                                                                                                                                                                                                    MD5:B5F15E86F80B2304F2AE672FADB3EE96
                                                                                                                                                                                                    SHA1:76A5C6EF45C9A05B5EBA7A7907588D69462181B8
                                                                                                                                                                                                    SHA-256:58A848C945814A0E233E775DC308F719FAB3790026687790D66B7974408C5F6C
                                                                                                                                                                                                    SHA-512:9D4B8B45B03D2B41AA44A256BB2A02BC993988E8FF4C52128895C27EACAB1E16A0FACB519132578EEA67395ECA27F2473D8C4A46BF1AD4814C56C91D04E27B50
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Page.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2604
                                                                                                                                                                                                    Entropy (8bit):4.774696392771712
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgOQ3JFm0QuLYupz:nd5CB7fdpF083vn3L/pz
                                                                                                                                                                                                    MD5:761015C43D3CB38D4A0E8A0694CA39F3
                                                                                                                                                                                                    SHA1:245BB0B79F994960BBDDB609CD0D143B905EEEB9
                                                                                                                                                                                                    SHA-256:4D4AC1104FD58E70DF514B2AB5D46B037BA489CB96C64505A3D672ADA6CC9884
                                                                                                                                                                                                    SHA-512:E3B37BF9AFAEBDF05B9F4A47810FE0440560E521CFB91FF5B31B4723704339AC5533C04A7AE845760F4968AB53CFD0CD8E0C4597D41A1C31254812ED07C6F259
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\PageIndicator.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2763
                                                                                                                                                                                                    Entropy (8bit):4.829470306877085
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhg3DQ3JFbth60+FZZ:nd5CB7fdpF073vph60+Fz
                                                                                                                                                                                                    MD5:29A933813837994A869AE9839B1C3D26
                                                                                                                                                                                                    SHA1:C29B1149A39BCFD5194510A6679B01826C8C82CA
                                                                                                                                                                                                    SHA-256:43433AF6C1F53A570C8CFCFDCCDFA41D8806CBFC9F1BB962CA12EA46CF4C0A6D
                                                                                                                                                                                                    SHA-512:1266AEBD949CA874EF9CD01E834F005F80B70451D3F83AB0812CD7E5D3C2DC993E9620D4762983D8A29145112C737AD9E98BB2E6D59C2D1DA6A9AE4B74466472
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Pane.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2331
                                                                                                                                                                                                    Entropy (8bit):4.838692827239353
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhg/Q3JFw0F:nd5CB7fdpF0F3v5F
                                                                                                                                                                                                    MD5:D55630888288DE076EA18EE14D8CFF45
                                                                                                                                                                                                    SHA1:D598CDD2A146D976F577CE49885CE0FDB60462D2
                                                                                                                                                                                                    SHA-256:B01825029C2139A4ECF9BC1CE3C1379D19F4A3D7F8635BDBC0A9DBC28B13C2DA
                                                                                                                                                                                                    SHA-512:6C5C2D322F18385BB9706AED40921DD258E49E4B9B0DCED4C44D1097206118291F06FF4E4BAAACCB15101EE9ABF9BC90D70532856EEC9C404802350D05986A3B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Popup.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2592
                                                                                                                                                                                                    Entropy (8bit):4.855929209866687
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhg1Q3JFw0S:nd5CB7fdpF093v5S
                                                                                                                                                                                                    MD5:D03D6CF824C899D2FF247CD0A474D986
                                                                                                                                                                                                    SHA1:DB54B862972C8D722C1DB47B3251975066B230AF
                                                                                                                                                                                                    SHA-256:75C32398761D16E0E875E26E9584EF67CFCD1A1F4F2938F3C86A57E17334CF2C
                                                                                                                                                                                                    SHA-512:065EB0674EB7BF0AA3C7CCC90E7FEDE654674B17E4074A9656C3B36CC37F6AB21C28CD30540360BDD7E497055F4D1C6A35E4874AD27F6B0DCD29C29D82DA0EF9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\ProgressBar.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2735
                                                                                                                                                                                                    Entropy (8bit):4.8163289625337455
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhiQ3JFbt8zexozakWsfKOZ:nd5CB7fdpFGl3vpOeeza3OZ
                                                                                                                                                                                                    MD5:0BFA56149AFF7B45DED9F77C9CC85F6E
                                                                                                                                                                                                    SHA1:66CF64F0A9994224CF85C3080B59A93B28B2E6CC
                                                                                                                                                                                                    SHA-256:70000725A412BF884244F5E7A170A23BC2F4B96BE636C42F830067FA3F4FF728
                                                                                                                                                                                                    SHA-512:9FD5537CEE85B45106C8604BDE0528868B7357A11B02A8EFBCD63FEA8E8206620F3AF6D3D3CAEB33B6F80D4AD49F13FB97FFF3B1AAC76404FE2D891C6FA097D1
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\RadioButton.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3713
                                                                                                                                                                                                    Entropy (8bit):4.773769607411336
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgUQ3JFbtoMbW0J4qkofqG0xeskxJy:nd5CB7fdpF0I3vpoMb5TsGgWo
                                                                                                                                                                                                    MD5:8E2E42B0CB63F3B7F68F097CB97B0E71
                                                                                                                                                                                                    SHA1:454F9AEE8A0396FDA827B445318FD320C11AB1C3
                                                                                                                                                                                                    SHA-256:114FF5020E93592ED84368576EEC23AB3F999129D8C2BBB7FCAFAB3603FC28D9
                                                                                                                                                                                                    SHA-512:498F75A42BED01A02503870A3DAA245E2886DDE219D5728D818C3D7A9BCE28072BC74E4FBB493EE42B83FFA05131C958D4525A6E28EA914AB815C2DA25355932
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\RadioDelegate.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4169
                                                                                                                                                                                                    Entropy (8bit):4.758093410324449
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhg7Q3JFbtoMhxeszxqkXx2M7XY4qkofqvPwX86:nd5CB7fdpF0v3vpoMjLqkXx2M7ITsvyZ
                                                                                                                                                                                                    MD5:2B788400464D9EA3E1B0A465FCC23958
                                                                                                                                                                                                    SHA1:1D7368BA133BE85DA3D64E37F6986AD55864451C
                                                                                                                                                                                                    SHA-256:B3DBBFC1472B5CA9F5C836AC14BC847E878155AFD875F81CB600A9EC769F148C
                                                                                                                                                                                                    SHA-512:A66E39223AA6568C3BBE597A4FF93FF042EEA117E7B8A0AA6A0319F109D4E3D8D1B869311FBE0C78062E6F8BAAA98F5FA0C3EB548568391234496813D2410562
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\RangeSlider.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5005
                                                                                                                                                                                                    Entropy (8bit):4.758902637937423
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpF033vqSEJmzpFmzhbngPdgcH8:nd0Bhp3SEWM0gV
                                                                                                                                                                                                    MD5:7E419F94FB2F5B1B4C956D66FE04F313
                                                                                                                                                                                                    SHA1:A6A337439BDD2233D727BC8C55FD85966259A01C
                                                                                                                                                                                                    SHA-256:81A2A87DF4D44A5023170189DFCE8076FE8C420B8D6912FEC23249D56A8D6D0E
                                                                                                                                                                                                    SHA-512:595B430F0CB3CD8256A9156C859E48CE38FC85EA73EE60E2F1F32A00B53F965B14520637ACC723C50F06775142977641782DA4B3A27AF430106FCE6CED85F7A4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\RoundButton.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3633
                                                                                                                                                                                                    Entropy (8bit):4.778438090721813
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgHQ3JFbtb3kXxEzwwXBpcWr:nd5CB7fdpF0L3vpbkXxIdWW
                                                                                                                                                                                                    MD5:42A33AD9B25996DA051E4A496628F25C
                                                                                                                                                                                                    SHA1:7F49BD32C739ED2378C246104C1A71434C5A2842
                                                                                                                                                                                                    SHA-256:3F06E0F1CC2222D5AC39949DD6AA50C5BCB88BD9BFECB0330CA6ED62A46C53F4
                                                                                                                                                                                                    SHA-512:9BFE3C9AB1D671974078811121D1DC37F69810AFCB58BF95BFBCD19CE4CD257B262C3A3BCECAC69BB9636F4A0B34A58D85FCB0D3FF4E251F85517A24884C9724
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\ScrollBar.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3211
                                                                                                                                                                                                    Entropy (8bit):4.8343887210632195
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhg1Q3JFbtfSQkBLIkF/3ys5:nd5CB7fdpF0d3vpf1kBXJ3yG
                                                                                                                                                                                                    MD5:B851CCBD1786C616CD8C1B069DA5C640
                                                                                                                                                                                                    SHA1:860B1A5338B05FA821EA4F168AC76D894B9C2130
                                                                                                                                                                                                    SHA-256:ABE6BBAF5F31E5DEDA3086423EC8935BAE426F945A5532701982B3E1206857FA
                                                                                                                                                                                                    SHA-512:45CAD29A8569C5F48679D5A447942C7565988E3C1515522256E9511B5265702DC2BA5BC441D848A8D25ED36A80C5BCB56CA59C0C9CD14BE195A5094BF5846698
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\ScrollIndicator.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2981
                                                                                                                                                                                                    Entropy (8bit):4.75619578796289
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgVDQ3JFbtnLSNxAF/k+isH:nd5CB7fdpF0p3vpnzJxia
                                                                                                                                                                                                    MD5:9FA5611A631E0FABC7C35433CC09E93B
                                                                                                                                                                                                    SHA1:689C9ED60D1F34DBB63C3B6549E471FF081D9601
                                                                                                                                                                                                    SHA-256:4E33A27C70ED092B8FF5DB889A6F2ADFDFC780525AC462E249CE428804C9F2E0
                                                                                                                                                                                                    SHA-512:3646644FE2A3FE69448986BA885899AFEC58772D5D54395DB0FA0B0E5E62F83B8C6B882D4FFF6B082E00E6B160EC1866DAEBFA119E11A62EF699EC77FA1E2D02
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\ScrollView.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2725
                                                                                                                                                                                                    Entropy (8bit):4.818398008330529
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgdQ3JFw0i54l1K+h:nd5CB7fdpF0v3v5iCl8e
                                                                                                                                                                                                    MD5:4CD5AF2ABBA5A14956D162EEF759C371
                                                                                                                                                                                                    SHA1:689777D7AC3CA08105F3BE4CEA92C655F236C9B9
                                                                                                                                                                                                    SHA-256:E133806D109716F7B355F1D643A18FEE659A64ACC1D8E27089A568E82EB4D3B4
                                                                                                                                                                                                    SHA-512:9FA50C54708C0C29638D69E96FC7372A1B687E6E678C6169A11AFEAD7EA561C69AA116AE0D9F05A40B7D5AE4BE4459F136C09BF3CAFEC67703F7AEA562A36FEF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Slider.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3923
                                                                                                                                                                                                    Entropy (8bit):4.794707446109668
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgQQ3JFEIr86EAwNm8JOb6EAM/y24YOdh7q:nd5CB7fdpF0i3vj8Bm1DngPdh7q
                                                                                                                                                                                                    MD5:B469B132AE469ACCA3F396C4BC1886A5
                                                                                                                                                                                                    SHA1:98A9B96BC9BD4CFDAA84871813517524099C3474
                                                                                                                                                                                                    SHA-256:2B435D4E44817A589654C2A41D7758795DD1E148FDDFD9E2E192D1279D354FD8
                                                                                                                                                                                                    SHA-512:625762A0904D48BA78A662D94A03689DA7CC9287DB729FD036AA7A4D184E68B5AD78FBA2BD86DBA5102A9A146A94D8B3B7A5736756767AAD232E4997F96D6ED4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\SpinBox.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5365
                                                                                                                                                                                                    Entropy (8bit):4.629971532594098
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpF0X63vARkq3NjK7+b5SnATMSWAlQ:nd0BhpLCM
                                                                                                                                                                                                    MD5:70C54E305C8ED6278387D1605EC35B53
                                                                                                                                                                                                    SHA1:C274B2B47C217AAAD29558E80AA91405F28D1599
                                                                                                                                                                                                    SHA-256:7A8A219B1E85FDBDE2A49C168706CB29C41530720CB4E9D082492104A49F1A0F
                                                                                                                                                                                                    SHA-512:0ABDA48253D43B0A9AC7FBCBE34D3D1459D6BED94A9C16DD0EABEC464536743E7CC70931F81DB3AF6EC50E2F2C0E8A5F343EE8F0869381E046AAE511A12C2C46
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\SplitView.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2605
                                                                                                                                                                                                    Entropy (8bit):4.853125997394258
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M55H6E+iCsAaKj7fOWIkFy9LixgQqJFbtyz6V2f:U5CB7fdpFzqvpy2g
                                                                                                                                                                                                    MD5:A0671680A70476FE755E8B4E69A9084E
                                                                                                                                                                                                    SHA1:D1CFB08DE1F3F4295C6A16C1532AAB70379032D3
                                                                                                                                                                                                    SHA-256:FA338E11C1D5CA56D42BCB1952C307EFAED89FF9E62870A768C5CA40F3BC4875
                                                                                                                                                                                                    SHA-512:349022AEB030E6275ED6162B29B3D80105F94554101C058C59F112BAD9205112D1F4442B587837AE8846296EE34D553F9029CCD1401EC019E7E7429EE96E835D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2018 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\StackView.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2879
                                                                                                                                                                                                    Entropy (8bit):4.918905834543331
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:MCdbFTT3QXf8WYwid0szM6RqeRGNfj9TNZlOWIQNydOtQ+y9OMmRQq8vSKSHzSQx:MCd5H6E+iCsAaKj7fOWIkFy9OMeQpAF
                                                                                                                                                                                                    MD5:8A40D2C1EC0D67DF4B7380EE96157B2F
                                                                                                                                                                                                    SHA1:2550BE9770EF8996F37AE469769321606E907AAF
                                                                                                                                                                                                    SHA-256:CFAF9A1325B36060F9E7489E80A5462F11F9FA99E5F78E4DD6D6DD0B10222F09
                                                                                                                                                                                                    SHA-512:44893E3226FEE75D6DAC97CA34C6526998B908DE24E9C6423BF1B5E42883B06DE1FA2689564EFEA07DE409D16FDE63A2FEE519006796B475BC49098DFDE415A6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\SwipeDelegate.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3262
                                                                                                                                                                                                    Entropy (8bit):4.81695114339966
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgCQ3JFbtoMIkXx2M0PwXCrk:nd5CB7fdpF0C3vpoMIkXx2M0XI
                                                                                                                                                                                                    MD5:869738000F1E92572EAA2CD8A9BC2AAF
                                                                                                                                                                                                    SHA1:F531473E603BCB8DEB57DDC425CE2C03EFA47A7D
                                                                                                                                                                                                    SHA-256:D46804EE223180A03C18B4525D9BBEA14E8C4A559908CFFB6924BFD2340BB83F
                                                                                                                                                                                                    SHA-512:38DA3A172D40E99F4BAAA2876474FDF937A0400A4F1A3894E3F65C026D55D1BB2D211A36201F2D5092E490627F5E50BDFDB7D2D2854FCADEA99C58FF2C7F04AF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\SwipeView.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2821
                                                                                                                                                                                                    Entropy (8bit):4.8381484195048525
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OM8Q3JFw0IJeSaVzdSw4:nd5CB7fdpFu3v5I3aG
                                                                                                                                                                                                    MD5:CEBDA1281CE7EC8EA1D962680730C66C
                                                                                                                                                                                                    SHA1:965F242782FAE447EA9BA757E066132D1AC2B545
                                                                                                                                                                                                    SHA-256:790F1CF3FA94FD7C7ED4741121EB8DAEF603FCDF07A9C43D1B9B3B147CBAAF6A
                                                                                                                                                                                                    SHA-512:C0D666A10E5868B085CCA0AC5B7A0E0C6D93EC114EB5FDBE382FAB1284B8C50756A7373219F0A3150A3BBD201E595E6F17883A9D8983AA18C88E050E401E069A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Switch.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3947
                                                                                                                                                                                                    Entropy (8bit):4.757657645064246
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhiQ3JFbtoMSqq0J4FsAlQo/iRJzT0xeskxJy:nd5CB7fdpFGl3vpoMSI81i/TgWo
                                                                                                                                                                                                    MD5:00631CFEE04C7AD041504DB617D36014
                                                                                                                                                                                                    SHA1:46921019213C2B2AC33965FB6763EFCDBE19E2C7
                                                                                                                                                                                                    SHA-256:D2696E10B1054C586A6264C20A4EA70920D947C2C03A1C0FB8EE1261978F701D
                                                                                                                                                                                                    SHA-512:26F25C312555483AE6F54462E3ED9DE5BBF1226FA9B231EDF5FA2956E3611671E3B5000844FF2F7F8032A8E1C83B3C4E7DBEC7DA22B6368445FB524BA33F17AA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\SwitchDelegate.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4489
                                                                                                                                                                                                    Entropy (8bit):4.751534437214193
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFGu3vpoMcC81i/sLqkXx2M0yZ:nd0Bhp3Jx81lxv1
                                                                                                                                                                                                    MD5:8C5871CE80D0FF65E57118453E21226A
                                                                                                                                                                                                    SHA1:15B39A26A689B373C5AF907B34C691BDFB0A67AF
                                                                                                                                                                                                    SHA-256:558C928F3C74474C829611AA29D54EED9C598E0213943FEE88A54692A81A7BDD
                                                                                                                                                                                                    SHA-512:E05DA99F8436E1CDB892E6AA5BB4183C53348D312E7BAC827FC07141C31B4143D24A6715D3D229B4346006A4F3E9EC8A00C973BE1AC3D54F6097705F173C7F85
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\TabBar.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2773
                                                                                                                                                                                                    Entropy (8bit):4.839153998426681
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O1Q3JFw0cwlcZiSH59:nd5CB7fdpFA3v5cNIy
                                                                                                                                                                                                    MD5:A74E49BB19F90DF902A3EABD598A0A53
                                                                                                                                                                                                    SHA1:C43A49685D43F3425FFE4BB409C9BB0DBE640654
                                                                                                                                                                                                    SHA-256:54FA946D021F78B2E35B38F3769B036F5943259F86C28B4362E184FAFCB9AD01
                                                                                                                                                                                                    SHA-512:8D47E4A041CAF6D758049158F1874E98D1C5923E9DC5C8150219B47A4B3F3548F5CFCF88CB3A03CDBE9D0237A9DE9C2788F41935461BF8F5EFDF3BA8DB864626
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\TabButton.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2987
                                                                                                                                                                                                    Entropy (8bit):4.798051662963486
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhggQ3JFbtZckXxNKXCXi:nd5CB7fdpF0Y3vp2kXxLy
                                                                                                                                                                                                    MD5:9C1CA9A17DA0491B998E87B62643E567
                                                                                                                                                                                                    SHA1:75D4FEB4CAEF7F61657B6127B13C18B6B88F3E4C
                                                                                                                                                                                                    SHA-256:777DC9EF7B8278285AF9844E0F465347D321D0F5B9425448E1891F78257A0085
                                                                                                                                                                                                    SHA-512:D3FC772CB97A5A9B91C5D4878913150EFBB6E3AA96CFD5D2E056F90D35A862465F4965F2F6C692C9267D772E784E8451669D6AB52C952E49AC4002DB0459CC81
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\TextArea.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3313
                                                                                                                                                                                                    Entropy (8bit):4.81341500049657
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgPQ3JgZLzA9Uujygyi/5Ct:nd5CB7fdpF0p3ONsUu+t
                                                                                                                                                                                                    MD5:7522606A7EA70E450F859848C41FC134
                                                                                                                                                                                                    SHA1:130B6277CD65CBDDBEA007D22A9B40A7F3EAC14C
                                                                                                                                                                                                    SHA-256:F912C4DF59C22B53F85F0BF0C5C7BE178DFC66CE2C328C86598FD6C931ADC1A8
                                                                                                                                                                                                    SHA-512:7F205F9BE5189BE424E210AD461675C2A44C58A0DA1C1763A7FC4B141CBC10448172C4B59B3FF2A756CD8F9E860C28F010499256ADE1C392C3899AB198A4FBA6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\TextField.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3571
                                                                                                                                                                                                    Entropy (8bit):4.831582188655847
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhguQ3Tw/nP0p9Nj+jygyi/5CyswXZA:nd5CB7fdpF0G3TcszNi+yS
                                                                                                                                                                                                    MD5:1DA0C6339D4E766DF8F478C718CC19FF
                                                                                                                                                                                                    SHA1:C7A79E0772D9D97E86E614284638A89752EBF0B2
                                                                                                                                                                                                    SHA-256:8F792EBEA56C72FB291DFCA0DB0C5D93A1782924781008E355504F5F14AB59DB
                                                                                                                                                                                                    SHA-512:5A39FCD79913AB20D71D91FE400FFB535509E22993D3C6EB2B0B6BE32589FD61F4059FF16D35327377BB2E885FA4FCE7F3AD965A7CD13F684ADA7D1D25B579B2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\ToolBar.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2343
                                                                                                                                                                                                    Entropy (8bit):4.839387606601536
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgwQ3JFw0YX5:nd5CB7fdpF0s3v5g
                                                                                                                                                                                                    MD5:FB466EBB67A6A80E86D318EAEF23E359
                                                                                                                                                                                                    SHA1:C83442D520026EC261BD31479FA80F6FF3EBED01
                                                                                                                                                                                                    SHA-256:44EF02AD2FB1680D9C8F07E860F31F6559D317688211D6866A48A7D9F61779FC
                                                                                                                                                                                                    SHA-512:C46F838DAE07269BA496F38C1B1119C5A9F9BCEA9DCF9B975519AEC350209F827623C74A2412FCB66188A11BF9A5F57A5512720BC8AA41790419848E12234DAF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\ToolButton.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2998
                                                                                                                                                                                                    Entropy (8bit):4.8220367527818055
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgjQ3JFbtQkXx+ww3F2:nd5CB7fdpF0h3vpQkXx+L8
                                                                                                                                                                                                    MD5:EF218CB8A8AD482B657573BD7BF1D11E
                                                                                                                                                                                                    SHA1:0880EB6098F5E2FF13D5B4130CDD53CF10FBD0FC
                                                                                                                                                                                                    SHA-256:CFFA07A4B74ED396E974854782CA8AF88EA8938A99D6A4CF00808133FD609F0F
                                                                                                                                                                                                    SHA-512:2231A1AA47A497126AE67B89F76270C5EA2BAEFD4954BB90BB9D33B1DE6C4383678BB4CA9FA16969A057925B8F7F4204455920859CA2E814B75F32805E33C606
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\ToolSeparator.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2492
                                                                                                                                                                                                    Entropy (8bit):4.8422185369621795
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgmDQ3JFbtUiBuXA:nd5CB7fdpF0G3vpPIQ
                                                                                                                                                                                                    MD5:632F3D71CA4A76906A199FC0C6CA735E
                                                                                                                                                                                                    SHA1:AE225C531BA08EC3C7809093E3FCE347822916F9
                                                                                                                                                                                                    SHA-256:7CB420E0DDE01C0B43B97FB0068CFDC4B48802201583098F5ABF129D369FDDAE
                                                                                                                                                                                                    SHA-512:5C55398B8B5855D056E4F9AFCA4F687B2D8C4295F67E98AA2B029B99C94BA8A1D0BAD2E0768A7A3918E517CBA3589F89CDD48ECD10C38A3535E606CB761AF8F8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\ToolTip.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2763
                                                                                                                                                                                                    Entropy (8bit):4.861346233395539
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgwQ3ohgJFw0JWO:nd5CB7fdpF0s3Fv5JB
                                                                                                                                                                                                    MD5:A43B5FCFA6BDE733516CD4250DE39BA6
                                                                                                                                                                                                    SHA1:40AB2E0C3EC63FE53EDF25100EE25AED14DC466C
                                                                                                                                                                                                    SHA-256:9ECD0A2492D7E7CC41300688497A7F9EF312164173C3BFA59D619C513C36A843
                                                                                                                                                                                                    SHA-512:E83780D602EC46E0A6E7D2BA65B3140F942625B2AB7098139FCEDACB829FD2C097B87F30DF61638C28A2BA1914F42C7B4630298BC237680F787BD9433FE4BA3A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Tumbler.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3289
                                                                                                                                                                                                    Entropy (8bit):4.813708726729087
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgwQ3JFI4Ctf9KuGlZusHPwLA:nd5CB7fdpF0E3vI1UrwE
                                                                                                                                                                                                    MD5:41B49164E4FEB96D77779D1430D3AF6D
                                                                                                                                                                                                    SHA1:5FC6ACC09EFDB6354F676772C06871BD6CDA04A9
                                                                                                                                                                                                    SHA-256:FA93702565F433661EC3CBF5B9A19A491F59FF92C6B3D45AE83C3FEF44FBA27E
                                                                                                                                                                                                    SHA-512:327F66898AFA927E722F0494CDC68D4424F6A11307E2D47FBB67FA7A12E22252262FAF15C1E68397A836CA5B9AABC68166092F5D56F234B226544126C3DDF6C7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\ApplicationWindow.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2442
                                                                                                                                                                                                    Entropy (8bit):4.86493156112326
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OC9igaFk+BrvTd:nd5CB7fdpFxNF7d
                                                                                                                                                                                                    MD5:30922D0121AB46D783CE0BAB31858914
                                                                                                                                                                                                    SHA1:EA686E62CAA788CC849478521D6163F9F5FE7DDD
                                                                                                                                                                                                    SHA-256:EE81D32E871BFD35E69F8D16D3FBB532B048B118CD36E86800198939DA8AEC29
                                                                                                                                                                                                    SHA-512:23A191CA9AD0389DF183B12A1EFB54473975360EE0AC57C39CFF3D60CCAB8EB4119E69FA387CD80F3E0DBCF10EE5A833E8602ED4188488223DE6723B36E442C2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\BusyIndicator.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2614
                                                                                                                                                                                                    Entropy (8bit):4.866256211674586
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9igaADQ3JFbtlSIryy:nd5CB7fdpF6Nv3vplX
                                                                                                                                                                                                    MD5:6AAC2170F96C64FC76DB9495FA8CC758
                                                                                                                                                                                                    SHA1:1C1BB6B6348DE7F5ACFECC70A33E5E4D9CE29DB7
                                                                                                                                                                                                    SHA-256:2BC48326FF3F96C9B45BDB9F40D58C4247F0A3FAED1B6162053E62900DB29681
                                                                                                                                                                                                    SHA-512:7B01D6C7DEBFEE278C3E1798F068F6E677473969188CF6AF88FF6BB94D1D70429970D285322CCC9B98B1C1C0CB47AFA82FFC7BEEEEF3A24D8B9F265751E29032
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Button.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3611
                                                                                                                                                                                                    Entropy (8bit):4.7680902199349715
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgiaQ3JFbtdCsuI/kXx5QwMyUbcAx:nd5CB7fdpFGn93vpXkXx5QQUbB
                                                                                                                                                                                                    MD5:11876909BD8C572FCF9C68D861D81741
                                                                                                                                                                                                    SHA1:344F99132458B884F2D194E24AA81A64D973C900
                                                                                                                                                                                                    SHA-256:0BAD423B02C2011707A175A5A0419012D76CB347564E2B755D1556332CFEEA5E
                                                                                                                                                                                                    SHA-512:429D31F52DD66D2FF6BA7AB0C57BB44FC49F98BCB1116278BFEA3428BFA0A321A48DBF294791590541E502B6C4DC31645F3CA80C4C364FAA1BD89E94EC5FE497
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\CheckBox.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3231
                                                                                                                                                                                                    Entropy (8bit):4.833735206635413
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9iga6QQ3JFbtoMJ510J4i0xeskxICUlLQ:nd5CB7fdpF6N03vpoMYRgWpD
                                                                                                                                                                                                    MD5:1E7B9504E295508689B5970DC46D0BCF
                                                                                                                                                                                                    SHA1:165AF8EDCCC0BD2F1194B4C7ABC2AA01906CF23A
                                                                                                                                                                                                    SHA-256:5D949874D613C39F067E6C8AEDCED87C89041D812C82C8C9C99A940FBBBE6DD0
                                                                                                                                                                                                    SHA-512:E6E3129C374F0C2E52D2CA70F87B8109EBB949CE40B0F15125C92AC3CF77A419818543ECC3541ADBADD823A703B503481DC51794B7DCBC97EFBF5B4501742901
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\CheckDelegate.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4189
                                                                                                                                                                                                    Entropy (8bit):4.819183062317373
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFGnNi3vpoM24SickXx2MIb+n:nd0BhpFJ245xvBn
                                                                                                                                                                                                    MD5:EA2A891E3ABA55F35659D09FF6234EB3
                                                                                                                                                                                                    SHA1:E6D71E1AF8A90B52C609395F55D3667C67EAFC63
                                                                                                                                                                                                    SHA-256:CCA48AD0B22E517AC4487713563498EF4C742773E9523667FB89EA16CE1F5384
                                                                                                                                                                                                    SHA-512:E46C4BDD6AA941751503D42484B1B55F5B96D6C907044E66A979633C0F632C925287B6147AD348379A13A0B3D2BCAB6A71D642B089B7F12D1AE3644CBF5E3488
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\CheckIndicator.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3964
                                                                                                                                                                                                    Entropy (8bit):4.847429026644494
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgifSv1aTHliQ1WQMaLb:nd5CB7fdpFGnfgoIQEu
                                                                                                                                                                                                    MD5:61CDD8891A294B6B2494E99C618867AA
                                                                                                                                                                                                    SHA1:2EFB0001159C56776B8990D4D8201AECF662C346
                                                                                                                                                                                                    SHA-256:D1A8C5BB4368D063188614F256104D10B51D0AD1932B3B12E7E5F5022BE718E1
                                                                                                                                                                                                    SHA-512:31D5D96F7FAFF791A61DBFFB58B61E9021B9B4A2CDD53C30BB367A3A940B4463675ACE7301B5317351BBEE763134E66A31DADD4E5F59BA46037FBE1BA6C1CFE5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\ComboBox.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7147
                                                                                                                                                                                                    Entropy (8bit):4.739793868011712
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFG3vpoMktW0UpMbYRzH/Yru94+q6JQ:nd0Bhp4JkQlXhAuB8
                                                                                                                                                                                                    MD5:A3776592653DAE5F62961D696BA09731
                                                                                                                                                                                                    SHA1:1BBD4E1268B31E01AFB0FAEE96B04CC209C135F8
                                                                                                                                                                                                    SHA-256:300F8A895A7691D353CC890F64BF2D09E84D77F1E1CFD4C6BB181AD8D963BDDC
                                                                                                                                                                                                    SHA-512:FB39A5528F0A49626D176DA7E8E02749044810781E96237A6C703332637C2A1C4E370E19F73894661B0EEF8070B272A7644E7C50B32D89901F81E87DBED4A3A0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\DelayButton.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3597
                                                                                                                                                                                                    Entropy (8bit):4.76073627095022
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9iNrQ3JFbtdCiwrE0TCEGlLLdvyAuKzbcAx:nd5CB7fdpF6NU3vpkr4vdaAdzbB
                                                                                                                                                                                                    MD5:B980189F05C5741173E22F64617CB55D
                                                                                                                                                                                                    SHA1:DECD107743FDC3EA0A3D6B7143FE5EAF2E32184D
                                                                                                                                                                                                    SHA-256:06AB47615A79986D559A5CB7FA39B6D54D12DBE67C4AEC1265345B30459AFB27
                                                                                                                                                                                                    SHA-512:B94A65E82A45CD2394C272405AA410020072C0992127E86AE2FEA37EF100C63BDA5AA40D2E72F24DF897FD54034588B166D8DFBCCBDD0EE32FDBC007C69ED4C8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Dial.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3648
                                                                                                                                                                                                    Entropy (8bit):4.790213481862165
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9igQ3JFHCtLFPif51ca5f93ori52/9yiX3FJ:nd5CB7fdpF6z3vCB6f5V1si5G0inFJ
                                                                                                                                                                                                    MD5:F86A18F068D4B114D1430152FEFA2152
                                                                                                                                                                                                    SHA1:D585869C1E698B95EC300C979F23573C6693EA8D
                                                                                                                                                                                                    SHA-256:CA78F83176C643CAAC68AA49DDFE09302B5ACBBA09CAED32804925AFB356C0F5
                                                                                                                                                                                                    SHA-512:461843598BECFD9BE8196C3D84A9146733A47692AE1BB861DE378729DF25729C68426DCC53BAA79E4A97871D96C72E52C94AFB23A8F9590BA64470A16340C3B2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Dialog.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3544
                                                                                                                                                                                                    Entropy (8bit):4.780414940069658
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MiWQ3JFm0QuLYupDDaSERbLXz5/15Uxb:nd5CB7fdpFLZ3vn3L/p90jW
                                                                                                                                                                                                    MD5:983488B33F7B24FAEB8AD92D60CFF4D8
                                                                                                                                                                                                    SHA1:11B29462C0EAB1AA5C854AC5D491656DCB69DC49
                                                                                                                                                                                                    SHA-256:00740BC73B27262B9F14003A5C86854596F2606FD1F0E20941E007D6A64D678E
                                                                                                                                                                                                    SHA-512:B9DAF80DB07128859815814D5D48963BB0A055503D2C7EB7724C439FBCC699635363A4AC78FE531A8587836AB9F689CD5BB31CD39E3FA969CEBEBD8EF207F56A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\DialogButtonBox.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3141
                                                                                                                                                                                                    Entropy (8bit):4.877469106235129
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9Mi3Q3JFQeGYtaC82GwRCwec8P:nd5CB7fdpFLg3vQeG0aC82G0CH9P
                                                                                                                                                                                                    MD5:A01F36E0280CE5B1C7B45F5BA6DF6432
                                                                                                                                                                                                    SHA1:B6CB5C6EB8ACB74E2F3280237E9E55FB6CE24028
                                                                                                                                                                                                    SHA-256:E64EE9833E08D9E2C50AB44889748890B82DFB759A4B4D02599A7EF915F991DC
                                                                                                                                                                                                    SHA-512:CC2DF4237ECB1A18B14C1EB52A07453D170475CB6AD56E95ED858F3FF27C8A82D600E63858CAC85DB6595940641C794EE0AED84FE5BD2F40A09316C357851954
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Drawer.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3272
                                                                                                                                                                                                    Entropy (8bit):4.855458889295017
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9iPQBJFw0t/hnMRxWQyxb:nd5CB7fdpF6YBv5Zh
                                                                                                                                                                                                    MD5:F0FA93B831920358072547A9B83A20A8
                                                                                                                                                                                                    SHA1:EC661FF54B0E1294E1E68760B5254B01C673AE01
                                                                                                                                                                                                    SHA-256:27DB95473D7270B21036E7F7E5EEA66F63D606E134CD3C7A108DC398929670AD
                                                                                                                                                                                                    SHA-512:B051476CC81C3D802DE182F2869878A367809106C3F0F64973C08D2D240B331BD110CF65A200FA3A2CB8726D303C60C0DF310058E830BE0C9FFDA8CABE34A263
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Frame.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2362
                                                                                                                                                                                                    Entropy (8bit):4.840196634832251
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9iXQ3JFw0Cb:nd5CB7fdpF6A3v5C
                                                                                                                                                                                                    MD5:3CE69D346524C41D081C5471B672535F
                                                                                                                                                                                                    SHA1:A6394A4198094D8E468C422CE3807EB3DA578F3F
                                                                                                                                                                                                    SHA-256:7A4E835E35B97A4EE774042C45DBD1B1250D80141D351734243C2FD25F938EFF
                                                                                                                                                                                                    SHA-512:FFB40E1A4059EA9517E710B2239E33799A54768BA7F72C981DA58B707B2D685F8D37459C9F32369B9B2109C5BFBF9220FC3397FF70EA9C211F9C9912B943CBBE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\GroupBox.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3031
                                                                                                                                                                                                    Entropy (8bit):4.815424548202451
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9iqQ3JFd0iva9WLCUlLjjxVb:nd5CB7fdpF6N3v6ivaIOKjn
                                                                                                                                                                                                    MD5:28FA3B9968FC0E1369E0EC0E6F3962F3
                                                                                                                                                                                                    SHA1:356A461F7A6F569A8B37FF8A1CA0D63616DB4A0A
                                                                                                                                                                                                    SHA-256:F795B3BE2A6D4A5885D54CC00A1ECE95EBC707A11DDFBAE20546CF46673D07B2
                                                                                                                                                                                                    SHA-512:3C30DBFEE33949D24B55184FB620F080A65069EE04B89958E4C04028C9526DE5FB6C5F97CAB7641CA66C4A43981A697C6FCB9F0ABB10E971E76FB1ACD7E54E25
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\HorizontalHeaderView.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2999
                                                                                                                                                                                                    Entropy (8bit):4.823707297757387
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M25H6E+iCsAaKj7fOWIkFy9lvx8cqQ399tqYVtXFbbUWlF:L5CB7fdpFY35qYBb1
                                                                                                                                                                                                    MD5:057253DD05394B9B0BA19E242A7C03A7
                                                                                                                                                                                                    SHA1:48C95205EA7D791680F624E93F220AA9D8A26498
                                                                                                                                                                                                    SHA-256:7359789F86AE8789F63ACF3566662275CEEA14CD2F973CF4E9724C13408D7073
                                                                                                                                                                                                    SHA-512:47A1D0E0BEBD6595F1BC07DA9417BEFF15F84EACF2EE3C3796447E341E3FC2005C269C20604802DCF16E5D0AE280EA53256125284ED122DE3A5A8C73888DCF8C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\ItemDelegate.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3649
                                                                                                                                                                                                    Entropy (8bit):4.82315689006633
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9Mhgi+Q3JFbtoM2Lu8kXx2MDUb+n:nd5CB7fdpFGnB3vpoM2bkXx2MIb+n
                                                                                                                                                                                                    MD5:41D103DFD6FBCDE9575E4ECC41C7AF56
                                                                                                                                                                                                    SHA1:FE4453DCEC366E3895A1D59880B9A2079C4BA277
                                                                                                                                                                                                    SHA-256:2BBE9E32EA491CAA7BBCE03064CB3E9329D660A01E107CD6BE2AD62BD4778FE2
                                                                                                                                                                                                    SHA-512:0C83963D1B3D68C933A2C7DEE78E689EF4130ED6BD217E511D927AC7E2B045CFD58597708A97342D0C6A0C938EF5EAA471096B1617657975174CF50C3900B1A6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Label.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2013
                                                                                                                                                                                                    Entropy (8bit):4.823214903186843
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:MCdbFTT3QXf8WYwid0szM6RqeRGNfj9TNZlOWIQNydOtQ+y9O9efFpdqQWyTQVNs:MCd5H6E+iCsAaKj7fOWIkFy9O9idqQ/1
                                                                                                                                                                                                    MD5:68118E5701B958BDB5ED8FA8CD5938D6
                                                                                                                                                                                                    SHA1:10CF3F2773B27BA97EAA4E9248FEE8E47C48652C
                                                                                                                                                                                                    SHA-256:CC3264DE0EF9416C869D7736EE50A30310E267D6EC890F3DE741E56A6D3608E1
                                                                                                                                                                                                    SHA-512:4BBE100386809F48671D50446059705A7C0B8D9ADE979ED0607627A5E79F78B69099648C6D8304CFCA96BE4088CDBA42A8F9225D11883979FAE368F1F3070851
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Menu.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3188
                                                                                                                                                                                                    Entropy (8bit):4.817952074436946
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OM9ig15Q3JFw0cw/NtPCccswXnaSE8xb:nd5CB7fdpFvuS3v5l/vCcc1B
                                                                                                                                                                                                    MD5:BD84F0660D08F74C3F59CA06C3A720AB
                                                                                                                                                                                                    SHA1:3FD62D094C83A1B6515F19174AE3D430490BD510
                                                                                                                                                                                                    SHA-256:BA728FE4C754FCA8A6D9B1A08A114928FE28A0FEBF947DF3B9EEB46058ADD387
                                                                                                                                                                                                    SHA-512:96CD5D78461F1BE5A5A69E738DD16E4C34C6D6B5E6A87DAA57BDBF61E4939F51D36AD74128766DD3A9A30249409E62FBCA225AFEF63801F7284E4977BAAA6C7B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\MenuBar.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2568
                                                                                                                                                                                                    Entropy (8bit):4.835909043606398
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgiuQ3JFw07mX3b:nd5CB7fdpFGnx3v57G
                                                                                                                                                                                                    MD5:6505E480F2B9926D4D2C3E5FA891545A
                                                                                                                                                                                                    SHA1:0653562C21BC00F36A09BA5E624508DB7E822F44
                                                                                                                                                                                                    SHA-256:C76E6D27C2E549924D626F3035E50C6ACB5C80C1E27F6F2E563DC8B7AD07DC09
                                                                                                                                                                                                    SHA-512:7A3A7854A0C687FEFCA9B2BF28E02BD530E0DBE6900BE6F0D1572FB719F2A954D74D8CFF81ECCE86697A8A383D0889A33CF05A62E9C82DF59E2EF53E4CCA1ACC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\MenuBarItem.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3579
                                                                                                                                                                                                    Entropy (8bit):4.788049528540249
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgiBQ3JFbtoMruLyZkXxp0ww5Pa:nd5CB7fdpFGna3vpoMRZkXxaFPa
                                                                                                                                                                                                    MD5:5156BFA9A79101C234B9104A3860ED35
                                                                                                                                                                                                    SHA1:C67A1E5141B65C476E0DC3C6B3210BA943C8EF71
                                                                                                                                                                                                    SHA-256:AC73F4E0DFBFB169BDD0EE604D3DA70A935C813262F49117E9D9EF7CEF9C460C
                                                                                                                                                                                                    SHA-512:A738FA57A38E929943BC740F3A0FBA0FD4A6D7316DEA6DA64C0F80235390DA9C0CE4F02FF238F56AEFF74F423B08F48CF1AC6052B8834D49CA743D0C0803CDC8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\MenuItem.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5073
                                                                                                                                                                                                    Entropy (8bit):4.803398406819676
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFGnJ3vpoMRPQskXxZyas4SRPa:nd0BhpuJRsxZlspZa
                                                                                                                                                                                                    MD5:E6B30F84CB41750DA47EB3EC0170E226
                                                                                                                                                                                                    SHA1:63CC56C19796A4482471B6C7A48863F6AD754B6F
                                                                                                                                                                                                    SHA-256:AD00BA11BEF803203B3B68D08C17D26B4848546847D3EDD7802D968A6ECC3723
                                                                                                                                                                                                    SHA-512:AB06AB8090F4B50BB18BFF91D08B3C3741818F4F511CDB1A7B6B4AF58BDB0782AABE3AAA9157B9BB9FB1D9C3B25C143B66E87A7D513BA3C7B5123BDA2C688762
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\MenuSeparator.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2533
                                                                                                                                                                                                    Entropy (8bit):4.846356002102557
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9icDQ3JFbtMu0b:nd5CB7fdpF6T3vpMF
                                                                                                                                                                                                    MD5:6B0C18B69818DE385FF38137747AF21B
                                                                                                                                                                                                    SHA1:DFCA99F3770E59D0338242859CB63D30DAF5DF8B
                                                                                                                                                                                                    SHA-256:BE42D1BC196BA6E2849C0B536F5B8B9532CF9A212B8838E88C431E3135F040CB
                                                                                                                                                                                                    SHA-512:E97817510C45709C990B9F2C75758658BDEEBE7CA88BFC47C2488B1975644E1FD60302997098061DA814EB53650217EB651C8B6E9C24FD1CDC01D48FB10DFA35
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Page.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2585
                                                                                                                                                                                                    Entropy (8bit):4.772316352792342
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9ilQ3JFm0QuLYup1:nd5CB7fdpF6e3vn3L/p1
                                                                                                                                                                                                    MD5:38CCA49F231D57566EFFA74E188DBFA8
                                                                                                                                                                                                    SHA1:AEBC934932605C2F6BF070DDFD38A766CF910E31
                                                                                                                                                                                                    SHA-256:54E4BE75E5355BE1FE22E0B16C51FB81F974AF9FCA4C487D78E4AC4AD391B214
                                                                                                                                                                                                    SHA-512:99F74FFE7F05FD29A2CC92542B6FD5D415CF373CF1CEED17FB2F33100AF75AF9099787A935504790F9E7F309AE59C1A55600D291F1BACF2DCA1C0D004FB377E7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\PageIndicator.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2769
                                                                                                                                                                                                    Entropy (8bit):4.791992195558291
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9i6DQ3JFbto6qEOFZZ:nd5CB7fdpF6Z3vpo6Tgz
                                                                                                                                                                                                    MD5:D68B0EBE4F30F47A9FA2A8EBB8719044
                                                                                                                                                                                                    SHA1:9A068AD807DAFD0D7C093296849322C26DDA5AD0
                                                                                                                                                                                                    SHA-256:5B42D3E817DFFEF20F3328BBB73F89E11E52F32C5359DE999D898B09D7747FF6
                                                                                                                                                                                                    SHA-512:E98B2A9D14809DDB7F91378541A9467B04F630F4FD604CCE3FDE9C71D9A45608600F17D38CABFAD66D37D095D4A9708A3271CE9CD59E7B4D68060118326D3809
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Pane.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2312
                                                                                                                                                                                                    Entropy (8bit):4.836628797705159
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9iUQ3JFw0j:nd5CB7fdpF6H3v5j
                                                                                                                                                                                                    MD5:E2EB84D9C62821F21DCDD802F873CFE2
                                                                                                                                                                                                    SHA1:DB2959EFD8F76317AB662513F8083C61F68977A7
                                                                                                                                                                                                    SHA-256:09EACE0320CE3E20AD80D2FB3A9E7E6F1D42C0EB2F84C2EE569AF4345F1B28CB
                                                                                                                                                                                                    SHA-512:62A6CEAB8F7BEBF75DF99EA9FA8CD859A2D0B800E5CD3FD2F58AA2C8499CCEEC9EB856D50575BF67E9C44627BA2453ABB592B8DB0A1BAF2B43F05B0A13EFBCF2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Popup.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2618
                                                                                                                                                                                                    Entropy (8bit):4.852512229773011
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9iwQ3JFw0jaSE8xb:nd5CB7fdpF6D3v5ZB
                                                                                                                                                                                                    MD5:96811F768438E70DEB8BE62112EB8571
                                                                                                                                                                                                    SHA1:A9BF49AB45008EE53FA6A60061CEF11056E96F7F
                                                                                                                                                                                                    SHA-256:FCD0CCF5FB6E7B20FFB06E7AA4A0F49C18BB6A5C832A5E3B5D0F72EB8FC857E8
                                                                                                                                                                                                    SHA-512:ABD9ECD915221AA3FD1723D30C68C48BDA166ED0AE3E562367C9257B34481754EB7C8E07F6F3062BE8D234A065F97FA1035EA548419FD2A4628B389E826D8852
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\ProgressBar.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2783
                                                                                                                                                                                                    Entropy (8bit):4.822722121007662
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9igaiQ3JFbt8z2rozak8PjfcxfkPb:nd5CB7fdpF6Nl3vp220zanbAf+
                                                                                                                                                                                                    MD5:919BE776133310D6C9EFC17B64F7BF39
                                                                                                                                                                                                    SHA1:3038245521C3059E1A092C54F327F3EF8D023E62
                                                                                                                                                                                                    SHA-256:CABAD8F6559EF0A38D87A5C7BF8504C3448B8364FCBB8CA4810198D34E74FF94
                                                                                                                                                                                                    SHA-512:66D0907A356535CB14CBE7171EF87F24DD81F5472CDEAA63F8D44639F1C0DFD134B05A227814842E2D419C84EF0FFA59B1814DEEAB703F5D4389E946C9CF2DC6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\RadioButton.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3234
                                                                                                                                                                                                    Entropy (8bit):4.831819684485204
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9igaFQ3JFbtoMJA10J4i0xeskxICUlLQ:nd5CB7fdpF6N+3vpoMNRgWpD
                                                                                                                                                                                                    MD5:47B37B8CAFC071F3782645DEE264A0F0
                                                                                                                                                                                                    SHA1:B7E8D3D5557BCA1095609CBB154F72E6123B2D7F
                                                                                                                                                                                                    SHA-256:D045CAC3BB3EB18F555C1BA2E18DB8D29F0BA0618E1C031E430D4E0FEB3225C4
                                                                                                                                                                                                    SHA-512:8F4C9D1FD7D5EDAC9463D1D6F2290DFD07DABAE1D91239F4391F9B94F559D6E43F891424C861E7BC135544FE32EE9FA01E4F73CFA443566DE94B2D593FA808BA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\RadioDelegate.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4189
                                                                                                                                                                                                    Entropy (8bit):4.818559974021103
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFGnNt3vpoM2VSickXx2MIb+n:nd0BhpkJ2V5xvBn
                                                                                                                                                                                                    MD5:F04B8D57B0CF35179A39A63C3B498BF3
                                                                                                                                                                                                    SHA1:5B013B2BECDFC98DD6DED7BB61E75E03389EA954
                                                                                                                                                                                                    SHA-256:A8A0C6E167CA215BACCAD9E343D11A2F259909C88E3B1DC88ADC8B0629D5261B
                                                                                                                                                                                                    SHA-512:ACF92D3FFB610B78839A0A7302761734630286A702CA98AAB32132CCEAD81268AB1595D52D73627DCC5D0024A9372F4AD44C316D600E879032F5EC58734475AC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\RadioIndicator.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3462
                                                                                                                                                                                                    Entropy (8bit):4.757964754620368
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OifSiK3Iyrr8NL6uryAsLNb:nd5CB7fdpF4f2VrINz2As9
                                                                                                                                                                                                    MD5:4E23BD6C4A28E57D4314EEC0C105BEBC
                                                                                                                                                                                                    SHA1:5355E64D346609C314E6BC31991F920C72C5F160
                                                                                                                                                                                                    SHA-256:E44305CC55790361E327EE9A4E03231070848B9D606F854E6A43638310AB91BF
                                                                                                                                                                                                    SHA-512:161294AD1257FF277F72C328F4C75BB9B84518861B15C51FEA2490503D88F2DB965F9C46022B5BDAD30041283A4262D36B146359931A32523AEF7E132A091067
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\RangeSlider.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5735
                                                                                                                                                                                                    Entropy (8bit):4.762434213586017
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpF6F3vqStm7KqO6oLF9PxJrF9i69xttQ:nd0BhpLSEGAox9jR95Q
                                                                                                                                                                                                    MD5:D0E7BD67863F9214FC91B2DD744F5C97
                                                                                                                                                                                                    SHA1:08F3738040BD9886598E6E513CE9CBCEA5E4674F
                                                                                                                                                                                                    SHA-256:C6EE80AA856F618C3FEB777EB96C329AE7B57D2C53D990BC34548B4CEAB68C98
                                                                                                                                                                                                    SHA-512:1EE5EE2BCEDCD5431CFCF48E6396A1D317E69C0635ABED0FF43F1724659D42C4F94CFDD0E9404BE50A82C2910CA29762FB43FD734E34065D7EF92922E4C501F5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\RoundButton.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3650
                                                                                                                                                                                                    Entropy (8bit):4.756460909764809
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgiCQ3JFbtBuI/kXx5gwMyUbMAx:nd5CB7fdpFGnF3vpdkXx5gQUbx
                                                                                                                                                                                                    MD5:6A1A1A3594F7FCFFCA535F343C265D07
                                                                                                                                                                                                    SHA1:A833CDCCE738182AC3F7ECF1D670BF51F7485E95
                                                                                                                                                                                                    SHA-256:4830165063CEA46830FE37DDEF5695A1372F3ADCE5B40CD97A17753904E3D091
                                                                                                                                                                                                    SHA-512:C068764410453E56A0B34CD4AE0EFEAE2CC1C20EC45E9A4EDBCC362545DC2AA305F14CB56078893D2FB8B3E9228FCE194604B76F4E080064A3E0E0E17A8C30FA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\ScrollBar.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3798
                                                                                                                                                                                                    Entropy (8bit):4.833929967744693
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9isQ3JFbtbSQuWfEJBNvjiykDPxEXi4PxZ:nd5CB7fdpF6f3vpb1uxlKPai4Pb
                                                                                                                                                                                                    MD5:A3E3A50AB10788C00A13998D8B60084C
                                                                                                                                                                                                    SHA1:C27B825B3144D8C9659F604EB4C54610029CF775
                                                                                                                                                                                                    SHA-256:D3A2C52A2B4E31C545EABE98223ABB046A420B46FB933FFAC4785014D3BAF58D
                                                                                                                                                                                                    SHA-512:174A1C30FCBD50DB8261C38FEF4846D02DEA363BFE69EC2D1C42AA1E35086BA4F30191BF3706B92997D6907A93A89598A88D1D45EF850AD85853ABA525FCDDED
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\ScrollIndicator.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3070
                                                                                                                                                                                                    Entropy (8bit):4.707917185138538
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9isDQ3JFbtSTBNxickzXE8aXH:nd5CB7fdpF6D3vpS1KzaX
                                                                                                                                                                                                    MD5:D80721F83A475CA172D3AB390278D683
                                                                                                                                                                                                    SHA1:E8E32AEAA1EA069BB01CFD814A2EE10BC9FFAE00
                                                                                                                                                                                                    SHA-256:31409DC791AB9690F9ACB1C5581C9EAA60187C12169A249030EC0A22D07ADD69
                                                                                                                                                                                                    SHA-512:989ABBAC2BAFC6853408D6566DE2E6B83D3FDB0F3BAD5D974A4C36E06E03B590C611C8E9610935E1DFFA285D20C426E4C140EF9B07E299371D43C6049A3EC157
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Slider.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4658
                                                                                                                                                                                                    Entropy (8bit):4.799331765263338
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9ifQ3JFEITdd86EAwWKm6EAm2FLF9d6oAF9miwx:nd5CB7fdpF6o3vjZ2t6oLF9IXF9mi0
                                                                                                                                                                                                    MD5:A483F67E851CFE81A3BB3288E11D6D77
                                                                                                                                                                                                    SHA1:116ABD889A39EDF699A2C4B68CE6D4B88EBC003C
                                                                                                                                                                                                    SHA-256:4E25E9C7BF52800675D934BB24B5F2BBC7BEE91F0B139CAE6F934D453E354EA7
                                                                                                                                                                                                    SHA-512:DC7E84A05EC92731C78F807125D95314E73D535D9A0C114BFF6581C141CAD807B91C46AA4896CAC7E5F5580BA3B96FB0EBD48D57A378CADC0697151F6CFCCC96
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\SpinBox.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6648
                                                                                                                                                                                                    Entropy (8bit):4.72624143810639
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFGnh63v5MRkq3JCjKB+bCSQOQ/ra:nd0BhpXhQCQWa+
                                                                                                                                                                                                    MD5:71AD2135502E88D66B0781143923CAC6
                                                                                                                                                                                                    SHA1:99EEF2C55E9F4A6171605656D28EB390094E1497
                                                                                                                                                                                                    SHA-256:44B096B4415E7CB19082F58086E0F5E1726694F206A4364872A3C360953D7052
                                                                                                                                                                                                    SHA-512:FA45DB83E3DDEFC981B4380657B0C5709BC345D859449BC264F1DE9FF789029D82912BD5C6F69D0392A9A98000FD428508139D064EE2C3F44F33ED134098F296
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\SplitView.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2682
                                                                                                                                                                                                    Entropy (8bit):4.878133413550622
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M55H6E+iCsAaKj7fOWIkFy9LixvRQqJFbtyz6t1:U5CB7fdpFiqvpy23
                                                                                                                                                                                                    MD5:3ACBE1D1CE8AB0CC2BD7823FDFA4A2FB
                                                                                                                                                                                                    SHA1:4BAAD0103B2EFDAEF9FB1C2B7FD742A2E9DFFD32
                                                                                                                                                                                                    SHA-256:B05DA2F982432D6BEE7604DD04E0E8FF5D5CD160E4156A71C27AB7F1D7FC619F
                                                                                                                                                                                                    SHA-512:E3EBACBE12013E6A690E6E9DAFEB09E43F276F1C9648CD125F8A68552B84CEEAE47ED727AD16603178B0F7477B03236AFC96E811CC33B206EE114C46FA350BE7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2018 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\StackView.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3388
                                                                                                                                                                                                    Entropy (8bit):4.8990700467566635
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9ijQQLet9LGtDFLfCtP:nd5CB7fdpF6sQLet9LGtDFLfCtP
                                                                                                                                                                                                    MD5:0845F8209BAC4A8AD3409DBDA985AE6B
                                                                                                                                                                                                    SHA1:F143660B4B9FC3E107D798121A995038585ADBE2
                                                                                                                                                                                                    SHA-256:1FB2C1779F30B431D2BFF35948DB799AB409528F39742F2325BF5601E5EDB7EC
                                                                                                                                                                                                    SHA-512:01FD4E84AB2353936220F36F3A80A8A5323DD5D108F9F3985384B495CC9947A33875D2604ABD4406944FEFB1A8F0F3B43E9606DA25200F3D3BB13C506D5C85FF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\SwipeDelegate.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3841
                                                                                                                                                                                                    Entropy (8bit):4.788731261366922
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhginQ3JFbtoM2LuJkXx2MCblE7OG:nd5CB7fdpFGnQ3vpoM2ukXx2MCbW7OG
                                                                                                                                                                                                    MD5:E2799AB66803065646838BF4B6059F9A
                                                                                                                                                                                                    SHA1:E2B4F672B00CEB5F9A87056DED3308755AAB1C81
                                                                                                                                                                                                    SHA-256:A1845B21F9FB5163E00DBE0C2EB6761930DC15CBD04D29C624FD0774849A81BE
                                                                                                                                                                                                    SHA-512:6BCE7B2B1CBE8F4BDE8A68A88725091ABC713A32566112598B5ED2418F8CEFAEA4B20E0BAA8CB154D0CA31B14B336AB5027775E5ECAD483944D8E8A62589ABC7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Switch.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3230
                                                                                                                                                                                                    Entropy (8bit):4.8302682043142635
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9igaiQ3JFbtoMwx10J4i0xeskxICUlLQ:nd5CB7fdpF6Nl3vpoM/RgWpD
                                                                                                                                                                                                    MD5:415BC326337D27F9C84C6AF2FE9534A0
                                                                                                                                                                                                    SHA1:906D3DCC493BA53667351492BFFFF80D88450884
                                                                                                                                                                                                    SHA-256:41D3A1564F0DF044A541CBCF96CCE0404C6909B198C18B5F7A6B079E766EDBCB
                                                                                                                                                                                                    SHA-512:61F8B564366EF1A123940BB529B606CBA093DB2C811BE4C2D141BECDACC1B7B1FB9AE00BB825B4CBAF6BA844F7C2B4746D041555DDB8547248E3528C7B4C33EF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\SwitchDelegate.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4191
                                                                                                                                                                                                    Entropy (8bit):4.818843049822159
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFGnNu3vpoM2ASickXx2MIb+n:nd0Bhp3J2A5xvBn
                                                                                                                                                                                                    MD5:00A6BFFB5C8E7EF66140ECA140CF41FC
                                                                                                                                                                                                    SHA1:6112AFF0672F25CC5261189241E1856206687F11
                                                                                                                                                                                                    SHA-256:6183952A78E9513F90343244FF7FB94ED71FC24329533FBCF983F13A73805E0B
                                                                                                                                                                                                    SHA-512:B5360F9C7C4647EE00A5EE660F98E04DB5F6EF889BA6E689F40DA77B412EED93D9B8FF213DBC2E4EBA1CD1F1B8A173A3B2D47F67BE137E3F912DD6D3A52D8289
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\SwitchIndicator.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3749
                                                                                                                                                                                                    Entropy (8bit):4.773499896099176
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9i5b76uiN73cfWyTnTY:nd5CB7fdpF65b7EM/jTY
                                                                                                                                                                                                    MD5:408ABDB483638C73F45F54B8DFB8750A
                                                                                                                                                                                                    SHA1:EBEBA2A6A99A038B96B2559679D42757E9DEC6CF
                                                                                                                                                                                                    SHA-256:B43EDACFBC91550236975CE77CE1EC7F0A611E4399C642284BBBC43419E24322
                                                                                                                                                                                                    SHA-512:421D68BD795D2958A72E2DF19F9173C83D6657EE256DEC1DBC9B84558AF55A46E0C4695DD43CB91BA797E59A86F09A0086E4AD9A387A26BD8695577785132356
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\TabBar.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2859
                                                                                                                                                                                                    Entropy (8bit):4.856566390652683
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9imQ3JFw0mwlc0jisC:nd5CB7fdpF6p3v5mNHP
                                                                                                                                                                                                    MD5:92413583ABC598468E5A08F8743591EB
                                                                                                                                                                                                    SHA1:DE75EB1671C40C4D6C1076F227E9D67CE9553062
                                                                                                                                                                                                    SHA-256:2ED1060C8E0886E36EF63B9F3A401D75E97EF54C16F2A9F3B2DD8463D013A014
                                                                                                                                                                                                    SHA-512:F4E5799F9B6CB00C8CD516BD5F6762784910C9DA5858BA17AECD21D964E0BE0EEEA6C5679889567E6612D7A39852736D859176431B00981A88824F2B2699F885
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\TabButton.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3082
                                                                                                                                                                                                    Entropy (8bit):4.806664956509386
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9Mhgi5Q3JFbtPumkXxL:nd5CB7fdpFGnS3vplkXxL
                                                                                                                                                                                                    MD5:F935656067114BEBE3FBB5E1B060CB36
                                                                                                                                                                                                    SHA1:316C55985EE466FD2CD2E6AB1EE7A99BD4B58EC8
                                                                                                                                                                                                    SHA-256:13C688005A1D38A943E4C971814067E388F5288F1EAF253244EE444E4456F967
                                                                                                                                                                                                    SHA-512:673BFE928F2EDF0F0F7B1504E1CCF6B52CE120F17029FFDCB923A57439DE05D97DD39D87A8EE7C73EDAA48175B6877A9C68F9A4F6DF8A34566F299BF24C70EEE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\TextArea.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4336
                                                                                                                                                                                                    Entropy (8bit):4.801117075800774
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9Mhgi4Q3JgZLzA9Cd7ryljygyy/PCyQMYN6b:nd5CB7fdpFGnr3ONsyaluyQra
                                                                                                                                                                                                    MD5:1E396B6F1AE7085E3C629914AE18CD21
                                                                                                                                                                                                    SHA1:18039DD354BAE88FB0993F72BB1F4F61540BA30D
                                                                                                                                                                                                    SHA-256:541E88FA989E7D56961E7969645E4DA4004BAB7342D9BE5A53452C716B05381A
                                                                                                                                                                                                    SHA-512:D503732EE4CE3C9E72F3636D988B68A47DC33553B15F00EB87C49683A40F9F77F1346FBB30035585FC45389308BDDEA9EE24216550A34CA6134565F52A234E9B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\TextField.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4319
                                                                                                                                                                                                    Entropy (8bit):4.824043771387485
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgizQ3Tw/nP0p9Cd7rS+jygyy/PCyQMYN6b:nd5CB7fdpFGn83TcszyDuyQra
                                                                                                                                                                                                    MD5:9B0751751CBDC555F47E3286BBB77953
                                                                                                                                                                                                    SHA1:8CDFC51C00A7A8DAC5A636ACD0C409BC194CB337
                                                                                                                                                                                                    SHA-256:BC9BE32033EC2EF5C9FF140D7F21D12B293557DF6FD285CF467E7AD895D20E53
                                                                                                                                                                                                    SHA-512:2FA7A0DC1657F24081A34864A71041F5C4582D9B54A69601A0B9269A6DC0C45D84FD66A1FC62A37EC58BAECEF7D142CE970BBF42912970F1D93016352E034C65
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\ToolBar.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2359
                                                                                                                                                                                                    Entropy (8bit):4.849036051905213
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9iVQ3JFw0nkH8Nb:nd5CB7fdpF6O3v5nbp
                                                                                                                                                                                                    MD5:AE20FD05FA8EB6037E6FEEED24254E4B
                                                                                                                                                                                                    SHA1:74D9C01353EA4B8A14FB93B16D1B2E7CB31BB4EE
                                                                                                                                                                                                    SHA-256:31519E86E9522627C42B95685226213CED9EC312997A00D5529847009E0E6789
                                                                                                                                                                                                    SHA-512:20275BE170D8B61383146C0CE15E0376736941178662D499AAA26EC97F58E8C488C6393A13F82BD15128DB32480363B4ED3C9096AF97FE7E4CAFF52163420F2F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\ToolButton.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3315
                                                                                                                                                                                                    Entropy (8bit):4.835599944070907
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgiAQ3JFbt7uI/kXx5ykHYwrbix:nd5CB7fdpFGnT3vpfkXx5yNgbO
                                                                                                                                                                                                    MD5:77E3A69CA01C54E4424820D937D014DA
                                                                                                                                                                                                    SHA1:FF23A5190097D083DEDFB5F8215A3DCE8FB7699A
                                                                                                                                                                                                    SHA-256:EB353F7EFCB8C77E1ED23EA612FEC9F394D495D5DA4BE3A851CFF9B22072C239
                                                                                                                                                                                                    SHA-512:1DCF1DE5A7A70B0519BA0E6F1B8631BDF5D1BC168703454AF9D0365ECF05527F9B3156420D471DC59233E5ED5E15AB863B594FBE29768CD39A1A44503F90925C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\ToolSeparator.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2564
                                                                                                                                                                                                    Entropy (8bit):4.855878718510748
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9iDDQ3JFbtS6uSb:nd5CB7fdpF6w3vpSDS
                                                                                                                                                                                                    MD5:96D4B0987608270E92965C2FCB1246D6
                                                                                                                                                                                                    SHA1:0D889A38EB375B90F2DFAC4FCD41DC09F1FDA92B
                                                                                                                                                                                                    SHA-256:42FB514CD92C9C87A80EDE4BD648758CF54F74CC05D3338AB76326FBC4D09A1F
                                                                                                                                                                                                    SHA-512:39597673F408F531E4A6812A9E794D233A398206826B6B450C5E18977852AD35C548941D6671C56AD32EB7398A4863CF54A13B74CF90343A168A3EB3265F6A38
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\ToolTip.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2919
                                                                                                                                                                                                    Entropy (8bit):4.873465289167498
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9ilQ3owJFw0jWrOaFD:nd5CB7fdpF6e35v5jq
                                                                                                                                                                                                    MD5:6B7AFC1DB3A32DB1541023A199F64909
                                                                                                                                                                                                    SHA1:F80875DD56C24CF6EEE538C0AEC0171BF08BC28C
                                                                                                                                                                                                    SHA-256:8C3F4A1AD480B81934A91171C67D61651F39C87FDFFEF348045D492E6EAD32B6
                                                                                                                                                                                                    SHA-512:92024C59DDE029A5B4F1707F0310638CFC6E110E05E8A13A2623D0933FB7E2797326129B22F9171500E804E3EBBECC1B8D7BDD3737E5C3DFDFDEB143549CDB94
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Tumbler.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3319
                                                                                                                                                                                                    Entropy (8bit):4.8279801671890015
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9igMhtQ3JFI4Ctf/KeGlZusHPwLA:nd5CB7fdpF6xG3vInyrwE
                                                                                                                                                                                                    MD5:2A009241245A2ECF132569C737FFEC1F
                                                                                                                                                                                                    SHA1:225D896E1FC4D7BE40B5E7C16AE7E6E8E095DF18
                                                                                                                                                                                                    SHA-256:3B17958A4ADDBD57365B0EE41ADD4F3F80F1CEB35C9E8FF1268E706B7AEE6AD9
                                                                                                                                                                                                    SHA-512:DE81361CB3C1C5713F2627CBD005AD38C1C543DA36716B6E27FE08A8C21FA8E7E2D68C94C991EFBFEFC0CBCF07C9EDCA604211F0D8543FD1E2EEDFFF6372FA2B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\VerticalHeaderView.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2996
                                                                                                                                                                                                    Entropy (8bit):4.822220527499383
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M25H6E+iCsAaKj7fOWIkFy9lvx8cIQ3rNqYJaFbbUWlF:L5CB7fdpFG3BqY8b1
                                                                                                                                                                                                    MD5:B6908BB475283A82C04F52B8C3584B8A
                                                                                                                                                                                                    SHA1:9DE2170C912B514B5ED1F7EC697EC141799FDEFA
                                                                                                                                                                                                    SHA-256:FEBA09AC8F1B9CBDA59D0EAC4AB68446414C0720A6FEE19351FE1CA1A12612E0
                                                                                                                                                                                                    SHA-512:E9FAA144238C42A583435D5B69DD9D1FBBF6578E0B4229B1312995183B8F0261435605793BFF3B41BBA423CF390116CA275F7FCBEBEDDAF62FFC066572EC8C80
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\plugins.qmltypes

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):13897
                                                                                                                                                                                                    Entropy (8bit):4.371650370083731
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:X+f/XO0eXiqegTmSc4EhouBsDTl6tlK9jFoY3D3yEbfbiseVpTHD3aIq9EgJLeJo:nEssKhFv
                                                                                                                                                                                                    MD5:1AD125081A90751A1B242718BC778618
                                                                                                                                                                                                    SHA1:28A24F7233FCBC29E7C4F3101E617610AC099756
                                                                                                                                                                                                    SHA-256:3422578EFD36D424686F0FEA58A6DB6E2BE606DEB4CA3584143ECD23D9399516
                                                                                                                                                                                                    SHA-512:680D8C1254335434960EDADA3760D65DBFCB94F0F1815FB7C432CE0E757A89329A2BB4D0C21D8E66ECC184DA737433B73ECC2CED12E8B2CD3261EE44717CEF6F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:import QtQuick.tooling 1.2....// This file describes the plugin-supplied types contained in the library...// It is used for QML tooling purposes only...//..// This file was auto-generated by:..// 'qmlplugindump -nonrelocatable -dependencies dependencies.json QtQuick.Controls.Universal 2.15'....Module {.. dependencies: ["QtQuick.Controls 2.0"].. Component { name: "QQuickAttachedObject"; prototype: "QObject" }.. Component {.. name: "QQuickItem".. defaultProperty: "data".. prototype: "QObject".. Enum {.. name: "Flags".. values: {.. "ItemClipsChildrenToShape": 1,.. "ItemAcceptsInputMethod": 2,.. "ItemIsFocusScope": 4,.. "ItemHasContents": 8,.. "ItemAcceptsDrops": 16.. }.. }.. Enum {.. name: "TransformOrigin".. values: {.. "TopLeft": 0,.. "Top": 1,.. "TopRight": 2,..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\qmldir

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):158
                                                                                                                                                                                                    Entropy (8bit):4.58971464637918
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:3BV9NKH4TAXDJoNMURCNC4MXWEJWiwhvyWmopCxKbbJ26akyxRS9NKSvn:xVfW4TAXVoNMU74MXWgWiw58oIst2J58
                                                                                                                                                                                                    MD5:62CA2AD26A8B534945019A03A4C386F8
                                                                                                                                                                                                    SHA1:FDD59AEF9ABE3682A09152FD8C0B5C7A7691E5FB
                                                                                                                                                                                                    SHA-256:1150344EDEB157FAA029A8D93A79B6C6D80E97B492D67F1AB636EFB156E7B19D
                                                                                                                                                                                                    SHA-512:04D4DFABC37079461913B845CE43CC6358E23CCF1A19AC97477143554179B05249C636584CB03CE2B5F5903E309D98E7C5CA3CA651FDBB369362ADA8393F4A3C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:module QtQuick.Controls.Universal..plugin qtquickcontrols2universalstyleplugin..classname QtQuickControls2UniversalStylePlugin..depends QtQuick.Controls 2.5..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\qtquickcontrols2universalstyleplugin.dll

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):606704
                                                                                                                                                                                                    Entropy (8bit):4.6616816323493335
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12288:T+rqqpIpVpGp8pzpLpcpopGpxpYpLpupDpwpXp+pWpupBpIpipWpPpXp3p3pIpDY:T+r8Px
                                                                                                                                                                                                    MD5:25A6B3F61EF00A8C25BDFB6D0E783428
                                                                                                                                                                                                    SHA1:61F4CA9E542003C558A2EAAE65F0FB7977F67447
                                                                                                                                                                                                    SHA-256:62CCB1E10473614B3794E2B74385F19944FF1B6CB2377ECF46EF307453C235D6
                                                                                                                                                                                                    SHA-512:445C0137B6E211684E01DC147A4E2237FC8571EF89C3A9756B01BCB338EC34E6A47EBC6AF09D8DE6CB47C046857BA46637130E704A5D24C0E4A17575CC996DDC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......E......Z...Z...Z...Z...Z..[...Z..[...Z..[...Z..[...Z..[...Z..[...Z...Z...Z..[@..Z..[...Z..jZ...Z..[...ZRich...Z........PE..d...F.._.........." .........................................................p............`......................................... ................P.......0.......&.......`..0.......T.......................(...p...0............................................text............................... ..`.rdata..N^.......`..................@..@.data...h1.......,..................@....pdata.......0......................@..@.qtmetad.....@......................@..P.rsrc........P......................@..@.reloc..0....`....... ..............@..B........................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\VerticalHeaderView.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2833
                                                                                                                                                                                                    Entropy (8bit):4.809421054317256
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M25H6E+iCsAaKj7fOWIkFy9lvAQ3rNqYJ3FbbUWlF:L5CB7fdpFk3BqYvb1
                                                                                                                                                                                                    MD5:F5CD8AC746B6994ED71FF8301B42A56B
                                                                                                                                                                                                    SHA1:BA037B256EE49D9FC2C30BD11CCB8A01993A38B5
                                                                                                                                                                                                    SHA-256:1D4F3F1D0DBB8CAE0D392C2556889C9639A1A51B055E47BDAABEDBD33BD4A934
                                                                                                                                                                                                    SHA-512:6B465228D5918FC4A1EB093A0896ABFBD11A57ABD2641A6F89581B063E6537F5BEC2B33084F873871026526C39741A10CE11C0F52BE80B35257EC86F7BD27E75
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\AbstractButtonSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4189
                                                                                                                                                                                                    Entropy (8bit):4.590051340924354
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym0u7LZgzapSRSSP3+jg0cxca/edd3ExnAOY9:nd5CB7fdpFFC7La2u/+jg0Za/M3MnFY9
                                                                                                                                                                                                    MD5:A63F43FAE673A9B791CEC4ED6BBCFD3F
                                                                                                                                                                                                    SHA1:FB4E604269821F309AD5029C76027D1E0FD9B4EC
                                                                                                                                                                                                    SHA-256:8185529D14235068BCD043ADF55880DFE504CEA3387049EBEACC53DC6B050947
                                                                                                                                                                                                    SHA-512:DDD381FCD59BBEF6A90EE79F682264BB3C4E96977F7DF6AEC5A3E44E317FB97E6A5D91935E6C1D15C81A903A5B914CC374738CD2ACD98E2546CE11626821EA18
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\BusyIndicatorSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2627
                                                                                                                                                                                                    Entropy (8bit):4.723364711234391
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LuDIbtMjFLi:nd5CB7fdpFFFLuWtMjFLi
                                                                                                                                                                                                    MD5:36277E316A15296D604D0A82E0FBFB0E
                                                                                                                                                                                                    SHA1:7A2A8FF4A15037B945255612CBE461BD50E93F71
                                                                                                                                                                                                    SHA-256:A6F736C2713B08F6AAA5CB51019FBB393AC6C57B75EF5E4005D29EFF48A92A98
                                                                                                                                                                                                    SHA-512:3EAFE4467611E9FA4C89E950D77620FE4AB4801A657D8641C9E2E24C4696CD08681A8DC7952C2811FE09CE0C61EB73FCE7C2C7CDC41E3C063760D77976304E5F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ButtonSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3105
                                                                                                                                                                                                    Entropy (8bit):4.707682721934341
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym02AEBLJOYHtrDB39:nd5CB7fdpFF6AE0YNr939
                                                                                                                                                                                                    MD5:029323EE757A222E8DF48E7EBF04BD93
                                                                                                                                                                                                    SHA1:035A38F873407E253C4AF63A11497B8CCDF3D478
                                                                                                                                                                                                    SHA-256:1D571BABABB04CE5FE55B1D0F1DD362EACC304BDE7125DED0D218D9CE6DF03C4
                                                                                                                                                                                                    SHA-512:683E786555E4039963765306EC6BBCB319207452E912148E29FE1BA9FEA2282AF474B1ACA2366CF28F9412E8BA538BFCB8CA99314719297D0F969E12043DBF1D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ButtonSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2192
                                                                                                                                                                                                    Entropy (8bit):4.788553950637862
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05Lot5y3jFLi:nd5CB7fdpFFFLot5y3jFLi
                                                                                                                                                                                                    MD5:920C6A6B84D14E1995291B8177A1141C
                                                                                                                                                                                                    SHA1:C9AB88CC4C09EFBBBA25B63A70479D3159A837BE
                                                                                                                                                                                                    SHA-256:9CD02378488E8DDC891CBC1E7718BE197088A628D07100ED2D676B958F57B81E
                                                                                                                                                                                                    SHA-512:1FC8193CA7FBBFD005A4D8169535789086460F4F2272086FE44DA7C9E793F9E4B056A5F7D9BBB25BD818DC56A7FD96864F6EB8ABB244E5C27644FC8D9BA04C22
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\CheckBoxSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2226
                                                                                                                                                                                                    Entropy (8bit):4.806035630450304
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LYsiqy3jFLi:nd5CB7fdpFFFLYsVy3jFLi
                                                                                                                                                                                                    MD5:E7BE5C88888A3B8CDD14788A9950EEAE
                                                                                                                                                                                                    SHA1:04AFEB4DA0CD3801F0F3266C442A51C9045A15BD
                                                                                                                                                                                                    SHA-256:39DC04660C2F4FC02971098B9E261A2F7123887C565F52582278DDB9B7771FBE
                                                                                                                                                                                                    SHA-512:2624E6D94F8A43CB9E59FA90CDD7BB221C0494E5D3EF1CC5006F09181A97713DD86A2C9688E956A9487280A5366867E423ED39A9B40FA6D51AAF03E271150014
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\CheckDelegateSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2296
                                                                                                                                                                                                    Entropy (8bit):4.795325715833799
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LYsW5y3jFLi:nd5CB7fdpFFFLYsW5y3jFLi
                                                                                                                                                                                                    MD5:F06ED234814DF3A8F4A2040A69CA258B
                                                                                                                                                                                                    SHA1:4913E605AFC2DD5C97276140CCC8581983F9AC57
                                                                                                                                                                                                    SHA-256:150FC7ADEAF4751CD91440C69E0D9671F141E5B4C439EF886DC863256241A898
                                                                                                                                                                                                    SHA-512:1161A17C7038F1527787FACE844D211226D70E16BDA1607E1F58F0C77E290184885E2DD209EE6C46F5DB9BCFEA6060E636115C702297EEF6D573DD47213F1625
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\CheckSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2661
                                                                                                                                                                                                    Entropy (8bit):4.738841008151935
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym0QoXrEub+HY5Yz9:nd5CB7fdpFF8uXq9
                                                                                                                                                                                                    MD5:0BA3D106DE56655688B8C59D7C1A1A16
                                                                                                                                                                                                    SHA1:919D19801E710EC9222DCC79C59AF36B1B81B0A0
                                                                                                                                                                                                    SHA-256:70A6DFF9A723B4E2F312ED48F5BA8E3EC7C64252FAF4DD565359294D26A89678
                                                                                                                                                                                                    SHA-512:FCE134B09BF86FAD943230B173547AC9A029E60B60E43FFF95DD5358C2D80424131A5F1029264DFEDE432E7BC0D84A8B23195E23E06109FCC527392BC97A7777
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ComboBoxSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4090
                                                                                                                                                                                                    Entropy (8bit):4.509515420842468
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LuUE4DeaHjp2bU9ygOtrWp/LweMjFLi:nd5CB7fdpFFFLu6Dlj8bFgwrULDMjFLi
                                                                                                                                                                                                    MD5:CC5D05E0AE46BE8C3CD68C05B0D90A9C
                                                                                                                                                                                                    SHA1:CAC3FF7D53A5C59D60E58E2A6468A32B8BB435F6
                                                                                                                                                                                                    SHA-256:7B4A6BA8F165CEAD72123F9BC3EC1A52CACBABFC87066BF352CF2330AC54FA37
                                                                                                                                                                                                    SHA-512:BA61CADB7E22AC5C77DB201CBF71DC9F2A2FBCF47568DC4B54247A00F1B3109EE95839B80FACFA732568F7C142FE8007EF79B1D63E0697575FDA88D396851570
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ContainerSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2336
                                                                                                                                                                                                    Entropy (8bit):4.7901862758502345
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym0ZqHTJmr9:nd5CB7fdpFF8Tsr9
                                                                                                                                                                                                    MD5:9780B490F860F1A42730957553F0E005
                                                                                                                                                                                                    SHA1:E7E9F3F698B9E5D6693DEF15A4AD8C15CE6591F2
                                                                                                                                                                                                    SHA-256:FD19D8ED1D61F83D67FC363C2E28A76372CDD4D88CF9A90EBB2F74D5E5FD09A2
                                                                                                                                                                                                    SHA-512:69178CAC56FC5F7A407B87A0455506AC8F331903B36864AC085F02EF5E2349261F69EEFEE634EFFB0F3BA1E4A63139195A6B90F41D5DCC8CBEB725EB6CFB5B01
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ControlSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3881
                                                                                                                                                                                                    Entropy (8bit):4.629995264959266
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym0IzBv3TsX2abpOx3beJYTqHTJea7xW3wT9:nd5CB7fdpFFOvfkpQ3beJTTMa7YM9
                                                                                                                                                                                                    MD5:E3DDB0BD2362D7AD8D3F6757836FD249
                                                                                                                                                                                                    SHA1:B82289C6046C7E33B601A3BDE048E5D5A8FF30A1
                                                                                                                                                                                                    SHA-256:FA79F68EB091D8A7312B9F26246561FD8558E891951A7A34178F708E3F40083C
                                                                                                                                                                                                    SHA-512:DAA91EDCAE35B9B2543B0B8C5CD43793DB20BCAD9EF9D1BDE740C8B31950005CEC8A1CDE04A8B00A355369A6C5E4C78DE46489804EF84036255F4BECFC269D52
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ControlSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2066
                                                                                                                                                                                                    Entropy (8bit):4.797894120379283
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05L3jFLi:nd5CB7fdpFFFL3jFLi
                                                                                                                                                                                                    MD5:B450EBA19443A3DF0571977CEAF495D8
                                                                                                                                                                                                    SHA1:B35B0C22629222F33BDA33156C178AF505808906
                                                                                                                                                                                                    SHA-256:34F14E5B36DE01740DC8A7C571FF8CE65BCEB7FC4C26F906E10C08773B644AE6
                                                                                                                                                                                                    SHA-512:CD145A9FA4ECDDC55F133A64FD693EADF2CE3C22AF599585E9B0B350827AE9309F9345C79756DA2F0CA9230B62085863924B5AF4D9417DFBF5C30F124C3354DD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\DelayButtonSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2736
                                                                                                                                                                                                    Entropy (8bit):4.684553443125928
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LuhZNaH/NPwy3jFLi:nd5CB7fdpFFFLucBwy3jFLi
                                                                                                                                                                                                    MD5:CA6FBCA4034AB0C1FC8D58C50AA2E3CF
                                                                                                                                                                                                    SHA1:3F15AD98B82F88ED01656C1AA337492AF5A6A338
                                                                                                                                                                                                    SHA-256:CE45196E4B042826A80FE153EDC7ED6796D19915DDA1B91C82CDED33184E1204
                                                                                                                                                                                                    SHA-512:2CFA38A0E3939711A9024192C77FE1E087A368359945128B2DAE86D048A3746A7492E0B66171067C09B53F4640237791C2E99461066745918F0B14EA688A7820
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\DialSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5949
                                                                                                                                                                                                    Entropy (8bit):4.283006058808884
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFFFLu/chFKjs0jj5Ujv52DuWj4Z6IEMjFLi:nd0BhpnphFTAq4Drj4Z6zz
                                                                                                                                                                                                    MD5:8902AB92488D965807566C9F0AF7B01A
                                                                                                                                                                                                    SHA1:9C284E15D96FA1D2CEE33D058142ADE5E8D65BA6
                                                                                                                                                                                                    SHA-256:6B8CC2C061A4E350BB13B9C12BF4CAAF4C8F74DB6E05445CF3B7B156D6B1F17A
                                                                                                                                                                                                    SHA-512:CDEB45E49F5E5F9CEA4FE6C70017B573A6E074C19B8FC001FAC55D2E79736F93C14D650573F5328A7CC17CAAA2FF757436F3DF713D2AB6CDB978DD48C413FED8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\FrameSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2123
                                                                                                                                                                                                    Entropy (8bit):4.790296350072608
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LZy3jFLi:nd5CB7fdpFFFLZy3jFLi
                                                                                                                                                                                                    MD5:C24D49381CF8B3E6098FDA1C27527E56
                                                                                                                                                                                                    SHA1:4C78067E28C7FC742C52461585EDF9113483E5D0
                                                                                                                                                                                                    SHA-256:B3BA820FF86BF5EDE7116543342393AB2279C2DEB37C23CE3D240A1F114F16EF
                                                                                                                                                                                                    SHA-512:89022C8518525601024B6C63CA425FAE6F0010D1A167FF7EEF6B7526F6AC634C856811B43D18E0555821F1286895A44F1D7DBA6FC26AB58A50E15FE1FFF64308
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\GroupBoxSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2579
                                                                                                                                                                                                    Entropy (8bit):4.710846092907281
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05Lu99My3jFLi:nd5CB7fdpFFFLuvMy3jFLi
                                                                                                                                                                                                    MD5:977771B918B7ECD33A6F9E5873372BBF
                                                                                                                                                                                                    SHA1:3B2C4E8CC47B061A566AFCFF3B7F59535D439275
                                                                                                                                                                                                    SHA-256:DEDBD77A8B002762B5A5AEB65E369CF7DAA9767FE68360D5F8654CC60562FD45
                                                                                                                                                                                                    SHA-512:148CD83B7C63E9ED80E598ED58B1EFD7F66A3BE562422B59EDE0E91043974F9D53FF0FE0EC61DF7B3BFEF439398ED618552016275A6326A9C9596B70DD1DE80E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\InsetSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4075
                                                                                                                                                                                                    Entropy (8bit):4.441096456615466
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M25H6E+iCsAaKj7fOWIkFy9ym06p7gHkdc6flHkdc6Pzh7uAmAQHkdc6VZHkdc60:L5CB7fdpFFmpUUl+zhD34g52M9
                                                                                                                                                                                                    MD5:8C11CC19E8BD0CE990772BB92D246688
                                                                                                                                                                                                    SHA1:A7007BFFD6AACA79DC746D4D262EA8AB1EB7F297
                                                                                                                                                                                                    SHA-256:7A2FFAD29B19F0B3D2E0D369A4493DC9B7DCCA4179AD01E5A1BCC8C87685B611
                                                                                                                                                                                                    SHA-512:F8F87B9C04893F5712F95F46C9FA6766F7EB86A0DAE6050E085EC072851CF1F8286018D36FBDCEFE6CA6AE2EA2554C3C8FCC71030BE13E1A7C288348E28AEB91
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ItemDelegateSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2321
                                                                                                                                                                                                    Entropy (8bit):4.79619373368411
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym02AWB39:nd5CB7fdpFF6AC39
                                                                                                                                                                                                    MD5:A82851C44140F5CAF39AC21DBBC7AEB3
                                                                                                                                                                                                    SHA1:A3D673235E30071D0ED23BE75008D76F6BF6B399
                                                                                                                                                                                                    SHA-256:18DA14C91C710F8CFA69C676103D2621CD7E0FBA23C75BF640E1ED377EE8BA31
                                                                                                                                                                                                    SHA-512:55BDF1DA7EFA1879FFDE53FF2275026ED45B6CFF7FED8191143C15ACDB86AA0727FDD9B909035E420E66775D1EDA22463A31183AC9C527B35BE2D1D7D66063B2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ItemDelegateSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2198
                                                                                                                                                                                                    Entropy (8bit):4.789736142433364
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05Lq5y3jFLi:nd5CB7fdpFFFLq5y3jFLi
                                                                                                                                                                                                    MD5:DF7E32B0E18BD35FA8453CB1263886B9
                                                                                                                                                                                                    SHA1:F4336C9380A7FBEE4DFBC17C545B409364F7F8B3
                                                                                                                                                                                                    SHA-256:8207C603C9DE51D9954302DD9DF559A1DF70E0A9658AF62637229B5A2437EEC3
                                                                                                                                                                                                    SHA-512:21D4E9B1D71C5EA9C7C66E5BACEAD5D4857AC109F7452D81C6D793F8843DD1D6F9194011E41259CDB9E3FAECC04675A1433A2DFCBF0B758FF97CBD068FD95732
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\LabelSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2823
                                                                                                                                                                                                    Entropy (8bit):4.755970593471076
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LQq7RHw0XTMwNBSXTMg9kaL7i:nd5CB7fdpFFFLQq7RQgTMaUTMaL7i
                                                                                                                                                                                                    MD5:23066E2FCD92D68EE429B19C34093444
                                                                                                                                                                                                    SHA1:4A7A65EF2DCA60CA52BBB0446EDF7A48AA856689
                                                                                                                                                                                                    SHA-256:968701B931951FF79DCF09E07D56A91E50F4009D99286CA2B4C348FC35550482
                                                                                                                                                                                                    SHA-512:55509C7288BFF36DCD684E8559DA0E67A29F3DB59B0B66DFD7A9B19A24B6D938A588FC91B25DF1A220E14894E70451C12B2C0A212D34223B1D34733950A8A215
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\PaddingSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3681
                                                                                                                                                                                                    Entropy (8bit):4.600699886807315
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym0oAsTqHTJvdADYTqHTJl9ZTqHTJcqXOTqHTJPp:nd5CB7fdpFFdvTFCDTT394T2qJTVr9
                                                                                                                                                                                                    MD5:C430765B66BE6227979D4BFC4E13486A
                                                                                                                                                                                                    SHA1:294F8E24765F9766AEA812FFD033072629F1C6EA
                                                                                                                                                                                                    SHA-256:BED58EBA4585F280EFBD5869DC4730BDBC46863D392DBCBE6EE3241AF08609EC
                                                                                                                                                                                                    SHA-512:9663030B63C24B3A91A7E496FB4366BC183FFC2CC09AC956B873A5874231C15C988F773E8F799008152D1552553C67AF4D195959B7A6124048F61E90A81A9615
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\PageIndicatorSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3464
                                                                                                                                                                                                    Entropy (8bit):4.54198580547783
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LuJ0aHjpAOaHjp2bHECMjLi:nd5CB7fdpFFFLutjSVj8bkCMjLi
                                                                                                                                                                                                    MD5:0E13BBB11B627D0AB5D2D1771A4A35BD
                                                                                                                                                                                                    SHA1:1C5294D16BCE34581E92B8F3E23E1067F1D6FCB7
                                                                                                                                                                                                    SHA-256:416C1DD1C0E0C402C1228CDB052DFB12103D37620E72D70D176CD1E3F2E607F6
                                                                                                                                                                                                    SHA-512:9175A66F1017868640DBFEA41368CF8DF27E207B22FDF7E57DCAD3D17E0A5ACEDBDE75DF7A831F0F398050C762F5A9EFE2FFCE7F9AFE589BD799850CB95E28C3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\PageSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3512
                                                                                                                                                                                                    Entropy (8bit):4.536455819119471
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LuU9cvaHjpEuaHjpj5MjFLi:nd5CB7fdpFFFLuQcqjy1jp5MjFLi
                                                                                                                                                                                                    MD5:F28678714CF8AC3FE1D3DF5790A849B4
                                                                                                                                                                                                    SHA1:57D7DB50C11255DE0861F8B086D0B1125D4A8A98
                                                                                                                                                                                                    SHA-256:3A2D06290528BD90BBFEE7E532277543340BC33741970BE1F0CD7B743F62F60D
                                                                                                                                                                                                    SHA-512:AE1082E8B797592ACFDD4B938F143D2C31728F462CC1ED50F6F7D38C1E517D6E74F2DA3CADBCC55BC48A38685ADC1F036E662C78CD01C1416BC11FFAC91309DA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\PaneSection.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2819
                                                                                                                                                                                                    Entropy (8bit):4.72358971509432
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym08fqHTJ0eqHTJTp9:nd5CB7fdpFFIKTClTZp9
                                                                                                                                                                                                    MD5:CD9A097C784EC8FC092609C354D93AD4
                                                                                                                                                                                                    SHA1:1496DEFA81A88DFF13AC4534549F30E0A65A2F41
                                                                                                                                                                                                    SHA-256:A10517398E8DC800A587D94BF8658C0580A99115800E7EB8D6DAF8B0D9C59887
                                                                                                                                                                                                    SHA-512:FC8BE8FD0D8570F01AD314FD4BF6C6D3418F1045384578E60A89F05DB6C583C7DFAE47C0F0AC32C9708F62E8AA0DF718634D6A9A717F2254E1A1E839C1961462
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\PaneSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2123
                                                                                                                                                                                                    Entropy (8bit):4.790296350072608
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LZy3jFLi:nd5CB7fdpFFFLZy3jFLi
                                                                                                                                                                                                    MD5:C24D49381CF8B3E6098FDA1C27527E56
                                                                                                                                                                                                    SHA1:4C78067E28C7FC742C52461585EDF9113483E5D0
                                                                                                                                                                                                    SHA-256:B3BA820FF86BF5EDE7116543342393AB2279C2DEB37C23CE3D240A1F114F16EF
                                                                                                                                                                                                    SHA-512:89022C8518525601024B6C63CA425FAE6F0010D1A167FF7EEF6B7526F6AC634C856811B43D18E0555821F1286895A44F1D7DBA6FC26AB58A50E15FE1FFF64308
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ProgressBarSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4195
                                                                                                                                                                                                    Entropy (8bit):4.466402741760662
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFFFLuqvWiiwGgchFwjsmjj5MjFLi:nd0Bhpn65hFV2z
                                                                                                                                                                                                    MD5:4DF82CF68626823EB6BB0313B2E8BB65
                                                                                                                                                                                                    SHA1:8E27BA0590C8C879675400C7C534836DE25FF029
                                                                                                                                                                                                    SHA-256:94DAB06A5B0FD568E5B9E622A9CCB72607D371D1849970DD6DBAE3355D1D3712
                                                                                                                                                                                                    SHA-512:03F9A3F45E818199FC211FC3C260352237E99310966E10644D273EFFA8B08DD1F56DD20C331172733114E087AF42712087BA092638AE3538FAEB119ED1FBE345
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\RadioButtonSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2133
                                                                                                                                                                                                    Entropy (8bit):4.795371325434706
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05L5y3jFLi:nd5CB7fdpFFFL5y3jFLi
                                                                                                                                                                                                    MD5:95806D0BFADF617CDB91B9BAACAB5429
                                                                                                                                                                                                    SHA1:2102999EC25BE88F138EA7C8FBF2A1BF4454C766
                                                                                                                                                                                                    SHA-256:07911DFF4B3128DE29FB83223A78878F9E972F35A596429861C7EA7956923B2D
                                                                                                                                                                                                    SHA-512:00D3B1DD1D764859249A5997EC4B2EC68FDF7C245A3AD4276A81370B2F43090F41D32DE48D94307703436E661EBAF64FF96332F109B0E611B74521F28C8F8004
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\RadioDelegateSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2198
                                                                                                                                                                                                    Entropy (8bit):4.789736142433364
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05Lq5y3jFLi:nd5CB7fdpFFFLq5y3jFLi
                                                                                                                                                                                                    MD5:DF7E32B0E18BD35FA8453CB1263886B9
                                                                                                                                                                                                    SHA1:F4336C9380A7FBEE4DFBC17C545B409364F7F8B3
                                                                                                                                                                                                    SHA-256:8207C603C9DE51D9954302DD9DF559A1DF70E0A9658AF62637229B5A2437EEC3
                                                                                                                                                                                                    SHA-512:21D4E9B1D71C5EA9C7C66E5BACEAD5D4857AC109F7452D81C6D793F8843DD1D6F9194011E41259CDB9E3FAECC04675A1433A2DFCBF0B758FF97CBD068FD95732
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\RangeSliderSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6769
                                                                                                                                                                                                    Entropy (8bit):4.259429689145202
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFFFLuGwEhAzhFejsUjj5gjvrYZvnuWx7MjFLi:nd0BhpnaEhQhFHgGrYZvnr9z
                                                                                                                                                                                                    MD5:45E91F4D787315CB57E0B7D2DF6C9625
                                                                                                                                                                                                    SHA1:606352AFA72FC5EAFAE9BFF897779AAEA9D0A793
                                                                                                                                                                                                    SHA-256:6AC639B5F6858762AE1F938AA6490EB22D48C777C70D9B892315E9683C6275E2
                                                                                                                                                                                                    SHA-512:190BF00F8B5BA7D7B4028FF10DA05E0195946C06C232BB4897A2D964A0F9F1BD7B2D845E58F41F4CCD4B1CA9A846D81522C4172C8F2E36DB42125B1B0FF92AA3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\RoundButtonSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2757
                                                                                                                                                                                                    Entropy (8bit):4.684878729571602
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LuQaH/sqJPt5y3jFLi:nd5CB7fdpFFFLuz9Pt5y3jFLi
                                                                                                                                                                                                    MD5:5D48EFFA06041BE07F38BCFD1ACEB106
                                                                                                                                                                                                    SHA1:2CB284F7C2BE8EC45AB10B73D4D8928B705BE9E3
                                                                                                                                                                                                    SHA-256:807FFF34F63FFDD20D9D410C170C1C854CCCB3A40CAE506CBF2EED38B39760A9
                                                                                                                                                                                                    SHA-512:DA7FAA7F8E49485DB78E0FF78A28311F4064D0C23AC1AD51BD2414031768C4F60808A4F97BEA0631EB09DCF996C4B51AC8F06D019C932E52BCF5DAAFAC668279
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ScrollViewSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3195
                                                                                                                                                                                                    Entropy (8bit):4.6079588592166605
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05Lu6vaHjpEuaHjpj5MjFLi:nd5CB7fdpFFFLu6qjy1jp5MjFLi
                                                                                                                                                                                                    MD5:85DA810CC706B345D85F9769B904D139
                                                                                                                                                                                                    SHA1:B9F641481815ADDF96554B1AD41D8788487F0CB1
                                                                                                                                                                                                    SHA-256:CFBB83DB87541E7EDFAD94BC239EBEE295C60E2E40C8FE5DB08FBD231C328BF2
                                                                                                                                                                                                    SHA-512:8D342FBC16EB30F7644F4037CE3C94C60E8AFBE2499AF779B9079E574F8A8247966E305486E138DA88496E691C17B8922E2FC0A966044F8F618356F6ABF2BC44
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\SliderSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6079
                                                                                                                                                                                                    Entropy (8bit):4.271218374879073
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFFFLuBchFDjsljj51jvqfHZvyuWx7MjFLi:nd0BhpnzhFUDdIHZvyr9z
                                                                                                                                                                                                    MD5:0154C91F8DBFA6E9EA328F7203F63AC7
                                                                                                                                                                                                    SHA1:98443FFC346DAA5A934AB9BC69B1E69C786F8A21
                                                                                                                                                                                                    SHA-256:0D9D68FFF4A345DB964F9B15D71263488EA48045253E9E1EE864C477D653AB2D
                                                                                                                                                                                                    SHA-512:7007754F6C328D73A5F816DDD34D7498C27A692AEBA3057A5B6E7AEBE34CABE9CE04A29D35B3DA902CC7972A0D793018E76FE72ED5502B842EC306B9D9471DA0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\SpinBoxSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4921
                                                                                                                                                                                                    Entropy (8bit):4.3797456090010565
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:nd5CB7fdpFFFLu7rhF/jvNj85njYCgTEMjFLi:nd0BhpnchFzokpwz
                                                                                                                                                                                                    MD5:1C848DC852D5B7ED48A9CF1661F2F659
                                                                                                                                                                                                    SHA1:3D3F1A8C199CC4EAE881467C9D3B121F7DE9E37B
                                                                                                                                                                                                    SHA-256:664B08BFBCD58DD406D7F876FA57FEFDEA06A709BFF5E033613D908D0622D750
                                                                                                                                                                                                    SHA-512:087DF27A71ABBCEE34807D955EA61C89DF8708D141E2DAB3E66227D3AE2188CFF79E3571B88BE3B4F282446C118B4ED1241C2D3D0B608AA4884981B15F6E33D7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\StackViewSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2066
                                                                                                                                                                                                    Entropy (8bit):4.797894120379283
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05L3jFLi:nd5CB7fdpFFFL3jFLi
                                                                                                                                                                                                    MD5:B450EBA19443A3DF0571977CEAF495D8
                                                                                                                                                                                                    SHA1:B35B0C22629222F33BDA33156C178AF505808906
                                                                                                                                                                                                    SHA-256:34F14E5B36DE01740DC8A7C571FF8CE65BCEB7FC4C26F906E10C08773B644AE6
                                                                                                                                                                                                    SHA-512:CD145A9FA4ECDDC55F133A64FD693EADF2CE3C22AF599585E9B0B350827AE9309F9345C79756DA2F0CA9230B62085863924B5AF4D9417DFBF5C30F124C3354DD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\SwipeDelegateSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2198
                                                                                                                                                                                                    Entropy (8bit):4.789736142433364
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05Lq5y3jFLi:nd5CB7fdpFFFLq5y3jFLi
                                                                                                                                                                                                    MD5:DF7E32B0E18BD35FA8453CB1263886B9
                                                                                                                                                                                                    SHA1:F4336C9380A7FBEE4DFBC17C545B409364F7F8B3
                                                                                                                                                                                                    SHA-256:8207C603C9DE51D9954302DD9DF559A1DF70E0A9658AF62637229B5A2437EEC3
                                                                                                                                                                                                    SHA-512:21D4E9B1D71C5EA9C7C66E5BACEAD5D4857AC109F7452D81C6D793F8843DD1D6F9194011E41259CDB9E3FAECC04675A1433A2DFCBF0B758FF97CBD068FD95732
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\SwipeViewSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3100
                                                                                                                                                                                                    Entropy (8bit):4.6223226231291985
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LuGguECBCZrLMt3jFLi:nd5CB7fdpFFFLu5/CEZvMt3jFLi
                                                                                                                                                                                                    MD5:A2DF382A28EE2A85E65D72E6706BE9DD
                                                                                                                                                                                                    SHA1:8835926DC5E4491BDB5812C55B669D1BDC596DEA
                                                                                                                                                                                                    SHA-256:F0D87BE641213B0FF890C2E4069E32681A874646F3965C9C6927D32DE78335D7
                                                                                                                                                                                                    SHA-512:67B19EE99E51858D59395816A7E2433E7B0F228633C75662CE71F1B315FEA9CFC048A6220F86E740759B8A47E81883C50C7B9E98F37D81A79C7DB764AA9DAB45
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\SwitchDelegateSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2141
                                                                                                                                                                                                    Entropy (8bit):4.797308908670296
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05Lq5y3jLi:nd5CB7fdpFFFLq5y3jLi
                                                                                                                                                                                                    MD5:5740311FAD8393D3CD08CC7B64775779
                                                                                                                                                                                                    SHA1:29E2FEAFE34FEFFD690B8F102E87CAA9BA52E1A8
                                                                                                                                                                                                    SHA-256:45B33505F1DDBBDBE3B20D3511706ADFFE14A3A411CEAE6CBE92CCD4B73B0A66
                                                                                                                                                                                                    SHA-512:5A2E7E98FCF966F7170E13C8C505D26B402EF7653812E72DE2EF4D8B51F98DBE8F9C0FE32CC7684324F164671559801A10654C8BCBE54E7029A8864E04126479
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\SwitchSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2133
                                                                                                                                                                                                    Entropy (8bit):4.795371325434706
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05L5y3jFLi:nd5CB7fdpFFFL5y3jFLi
                                                                                                                                                                                                    MD5:95806D0BFADF617CDB91B9BAACAB5429
                                                                                                                                                                                                    SHA1:2102999EC25BE88F138EA7C8FBF2A1BF4454C766
                                                                                                                                                                                                    SHA-256:07911DFF4B3128DE29FB83223A78878F9E972F35A596429861C7EA7956923B2D
                                                                                                                                                                                                    SHA-512:00D3B1DD1D764859249A5997EC4B2EC68FDF7C245A3AD4276A81370B2F43090F41D32DE48D94307703436E661EBAF64FF96332F109B0E611B74521F28C8F8004
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\TabBarSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3675
                                                                                                                                                                                                    Entropy (8bit):4.529921894562925
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LumN9scvaHjpEuaHjpj5Mt3jFLi:nd5CB7fdpFFFLum3scqjy1jp5Mt3jFLi
                                                                                                                                                                                                    MD5:4FD60455B2BC1F81B99ACF8A05B7CD49
                                                                                                                                                                                                    SHA1:FF39078653B3F8F1EDAF53430B2D51F3A2581EAA
                                                                                                                                                                                                    SHA-256:EEEF272650B489F44319B5490575515A98CE50AB04503402BB9BA27F5F566AD7
                                                                                                                                                                                                    SHA-512:9D7013EC552FE93C153FF6EACB01CB6BA415A5259338FE6DE4518CDAE073D60ADB3CBE577EF450F42B66D62347A95337493276DC999F11C9A4350D11B6EBFAD0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\TabButtonSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2133
                                                                                                                                                                                                    Entropy (8bit):4.795371325434706
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05L5y3jFLi:nd5CB7fdpFFFL5y3jFLi
                                                                                                                                                                                                    MD5:95806D0BFADF617CDB91B9BAACAB5429
                                                                                                                                                                                                    SHA1:2102999EC25BE88F138EA7C8FBF2A1BF4454C766
                                                                                                                                                                                                    SHA-256:07911DFF4B3128DE29FB83223A78878F9E972F35A596429861C7EA7956923B2D
                                                                                                                                                                                                    SHA-512:00D3B1DD1D764859249A5997EC4B2EC68FDF7C245A3AD4276A81370B2F43090F41D32DE48D94307703436E661EBAF64FF96332F109B0E611B74521F28C8F8004
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\TextAreaSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3437
                                                                                                                                                                                                    Entropy (8bit):4.6347274032907135
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LuEDPg54BH5ETkfq7RHw0L7i:nd5CB7fdpFFFLuaPU6H5Lq7RQ0L7i
                                                                                                                                                                                                    MD5:B5D0F60422D2FCF90F2A3DA5AA967B34
                                                                                                                                                                                                    SHA1:17F5B45D565C6ACAEBC221601F88A0B036323032
                                                                                                                                                                                                    SHA-256:C7ED96C7CD4548F68E55F0F03DCF1E4E1A2BA1D840C93ABE89A09A141BB62435
                                                                                                                                                                                                    SHA-512:8A1D442B29F5512DD8B1BE386B9435CFA4E2D086CE9FDABEF9AA0FDE6670FDFB773B5334A47FDBA480679EF34965278A426671A7F3076D238FBC020CBA30A07E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\TextFieldSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3338
                                                                                                                                                                                                    Entropy (8bit):4.636693633310841
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05Lu8sDPg5pBH5ETkfFL7i:nd5CB7fdpFFFLu8iPUDH5LFL7i
                                                                                                                                                                                                    MD5:589D92084CCB416E88FADBE56B01F060
                                                                                                                                                                                                    SHA1:1BCDF1BAC05A4DC8CF79D87CC50E2EDDF9CC5477
                                                                                                                                                                                                    SHA-256:A4A467321B4A2DEFB93F374447D3B2E593BD0B6127048ABD30642A32B0833FF1
                                                                                                                                                                                                    SHA-512:24F29484CF0FBD048F08730BC20FF909569CEC99E6C061AD0A6E22AADEFBAA5ECF5C5A5924B7C7B421E8640F94297E4013226B869A7591A95614ED87D2090DC6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ToolBarSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2670
                                                                                                                                                                                                    Entropy (8bit):4.698654419425004
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LuK97My3jFLi:nd5CB7fdpFFFLu87My3jFLi
                                                                                                                                                                                                    MD5:871BBA0EE60C356C2D7C83C9F240E957
                                                                                                                                                                                                    SHA1:EDFBA03D6D8146BFC3FF0E55DA400F06A5553D07
                                                                                                                                                                                                    SHA-256:3F0EC5B9A838CD155BA4426A7D91A9830D300BB2EC08E04685589815D7A20C1C
                                                                                                                                                                                                    SHA-512:1C9E86093A6027C28BCD94B714A7F959FC5DB3A7E289A6E55946ECB24E31D9CE8C96DC31CB5D8CCD5037CADA1BAC6F0F63250AF1FB190ADE5B2A133323B371F1
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ToolButtonSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2192
                                                                                                                                                                                                    Entropy (8bit):4.788553950637862
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05Lot5y3jFLi:nd5CB7fdpFFFLot5y3jFLi
                                                                                                                                                                                                    MD5:920C6A6B84D14E1995291B8177A1141C
                                                                                                                                                                                                    SHA1:C9AB88CC4C09EFBBBA25B63A70479D3159A837BE
                                                                                                                                                                                                    SHA-256:9CD02378488E8DDC891CBC1E7718BE197088A628D07100ED2D676B958F57B81E
                                                                                                                                                                                                    SHA-512:1FC8193CA7FBBFD005A4D8169535789086460F4F2272086FE44DA7C9E793F9E4B056A5F7D9BBB25BD818DC56A7FD96864F6EB8ABB244E5C27644FC8D9BA04C22
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ToolSeparatorSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2578
                                                                                                                                                                                                    Entropy (8bit):4.712580026164849
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LulCZrLMjLi:nd5CB7fdpFFFLuQZvMjLi
                                                                                                                                                                                                    MD5:E914076BFCB44AB249639204B52A85D1
                                                                                                                                                                                                    SHA1:6FCE74E2446DA8A4C506FFFB1255FBB2A5936533
                                                                                                                                                                                                    SHA-256:050A484049871C745112B1CC321BF1EEEF61748D809707B5CB1D946578D67CD7
                                                                                                                                                                                                    SHA-512:CD52E91805A428E5AFCF477D8A5DD67F38FE591CAEEED52050D0575DDC08A28F534BC7D1D7172921828B13D2F87E8CE8C5517C703291C4A6E2C0A6E47B2940CF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\TumblerSpecifics.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3510
                                                                                                                                                                                                    Entropy (8bit):4.542180543006354
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LuzaHjpjeaHjp2bTT3A3EMjFLi:nd5CB7fdpFFFLuGjFlj8bTWEMjFLi
                                                                                                                                                                                                    MD5:8A21CB05BAFE538A8DBDB027C8C483C4
                                                                                                                                                                                                    SHA1:6D40134BAD0A93902DEC320F64F4B7EC5AB9ABE3
                                                                                                                                                                                                    SHA-256:58C5D2472E3D36750481A8617D222F8A666DACFC5C13D82E4258D8DE5A9AC190
                                                                                                                                                                                                    SHA-512:72A68D2A04F5AD6AF2E329FCCF7EE81F5514F80E1F571ED870B345D47749C17A2A4028CFD7E2A7357B54896B79EC23884DF04A4E6BC90B7664C2E00288B91966
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\images\busyindicator-icon.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 24 x 24, 8-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):320
                                                                                                                                                                                                    Entropy (8bit):6.143538258317517
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:6v/lhPknHIgn7oe3lDbbF8aJUHpXaX2q7p1nFRjtdp:6v/7gPnt3lD/hWJe1p1nTx
                                                                                                                                                                                                    MD5:F6ACA7D1A684343F1A7C2AF895CE7B4F
                                                                                                                                                                                                    SHA1:6B1EA6AE5D35153161EB2B222E8F2836145CABEA
                                                                                                                                                                                                    SHA-256:02E0FA98254896D80E653F6223670ECAF5B289E9326B569DEDA68FB9B3A924ED
                                                                                                                                                                                                    SHA-512:77BDF98D0FFEC04B070F69A5C0CFFBE94BC1E53F79C871A6209259AC1A6237BAE0B212E94FE18547FE11F350B9247837F56DA331D8D3B29EF2DA902B0A378527
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...................?PLTE......................................................................tRNS.......%)0Miz........3.b....IDAT(..... .C..E.)p..[........B.Jo............$gw~..Y`5.L.^.+..n.;).u....=}..x.....y?..|~b..{.`..^J..;..BI..x.F ..TX.VJj?~.V.-K......$........j}.d...9".D....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\images\busyindicator-icon16.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 16 x 16, 4-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):229
                                                                                                                                                                                                    Entropy (8bit):5.609680159962802
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:6v/lhPIFufFpgGDj01mFVKxxi6vJbqXkR+g4HoSp:6v/7lm8VKy6vJbj3fY
                                                                                                                                                                                                    MD5:7B919E5C952E44182377DBF7FFFAB9AC
                                                                                                                                                                                                    SHA1:EDA8EA728C5A766BE2BE1124ED43E99FBF142E14
                                                                                                                                                                                                    SHA-256:2733397B655E5CE5EE38A89CE4C47E608CC439C61479191CC769E3CB2047FCAC
                                                                                                                                                                                                    SHA-512:17713CD9ECB8BC852D6D391CF101ADA75EF51FF55B17F5FC2B29C16154124BB4CC9F149864443A6748CB0B2E118CF3078083E27D12FC9C306C4C3416C817A193
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR................R...-PLTE...............................................q.....tRNS....'NOqr..........YIDAT..c```....B.}/......M....J........w...s....N2 ....d.a.....~.`x@.Z.T..```.j.....n)...............IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\images\busyindicator-icon@2x.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 48 x 48, 8-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):643
                                                                                                                                                                                                    Entropy (8bit):6.520420673107778
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:6v/7+fsDvf2ccFNcitVH1aApsN4AHCIMUqc3tj7vkmmbjM6d1b7/N:UH2qNeIMk3tj8Q8p71
                                                                                                                                                                                                    MD5:B030185F421E78A62BB53F32F538669C
                                                                                                                                                                                                    SHA1:90AE611AE062B498E40169F5BBF06C29277596BB
                                                                                                                                                                                                    SHA-256:E0CDD5067406A7AF72C33ABA8BBE7DDCB67B35C3AA232CA538F0243D35F9DBC9
                                                                                                                                                                                                    SHA-512:94A708396257507B173A386FEA9186B53BAEEE9C979E0D05AA6CD42BF34D27563FAB1E0DC622B7E812C80D0E35883E6554CC16B49FE5EB445BFB05598CB6E10E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...0...0.....`.......PLTE....................................................................................................................................................],C...0tRNS..........()07:<=>FIJRS^ersy{|..................I.....oIDATH..V..0...r#..(.`4..u+.P....|s.....5..x..1>.H8.'y.3.....Q...".....V...t.7a.....w.w..&..4:V...U.T.aB....Q.l..5...f{..)......mY.B.6..nUN[.f..M.s:...P..9.....p(.!....3..........?..*.....,T.g..Yj...c...4Mu....V.........W..{...f...........v\....=`T..J.=..g....F1.Vkj[-........E..Y.'........d.t#.EZ..k..P..~.n.w.c(..P....e.|..9.....)zCS...O.].. .9.....B.]k~H.E....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\images\button-icon.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 24 x 24, 4-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):162
                                                                                                                                                                                                    Entropy (8bit):5.469002487170409
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:yionv//thPlG3V/1I/dNNNNNNNNNxyZ9lyQb5/fySxZ95YOChYkX16zUrc/sg1p:6v/lhPIvIgToA5/fysZz+Ck0zU4p
                                                                                                                                                                                                    MD5:4534457062287689BD692B7A13361A44
                                                                                                                                                                                                    SHA1:208DB74BA6E5B1BED15CEA8E8797E80CC9D23F15
                                                                                                                                                                                                    SHA-256:8B570AFCF93F9FF7D2299D1689D372B57DF9C432946C28EC5688D437070DD8C0
                                                                                                                                                                                                    SHA-512:0EB687EC15C7D97908EF8C4B2D835B2B5E229CDB23595B0016B582DF8A880513EE7391824A07EEEB002677E621E90D983569DA34D00579F0713E23101F2CD1E9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR..............Y .....PLTE..................T..T....tRNS.W..........:IDAT..c`...v....C...P8P`.Ep..L..`.W.'.!...rP....b4..(.*...:+...V.....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\images\button-icon16.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 16 x 16, 4-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):145
                                                                                                                                                                                                    Entropy (8bit):5.257752058503895
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:yionv//thPl9vhSFg/dNNNNNNNNNxyZ9lkeWsFhGv8nNmRanZlgc/s/t2rPltjp:6v/lhPIFggT+enFh080RaMO1rddp
                                                                                                                                                                                                    MD5:8083A160F5C2087CADBCCDC01F9C63B2
                                                                                                                                                                                                    SHA1:0FB5F38A6A653E43CDEE07EE997A3D4DA449B414
                                                                                                                                                                                                    SHA-256:BEBDEE848CF1B6041D5FE1E00B064AA16F7CFF5117A3BA72511E70E69C52B888
                                                                                                                                                                                                    SHA-512:84C4F70540D1C0EE06CA3AD8372267C4209C405A675FA57FFD58CA8A1371297F8206D315EEC87F2493918C2DBF8827D730D87C4785BF6B21FA0B7402FADDEC1C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR................R....PLTE..................T..T....tRNS..vw.......)IDAT.[c` .....A.!.j(..3.B.!..P.`.........s..e.......IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\CircularTickmarkLabelStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):24312
                                                                                                                                                                                                    Entropy (8bit):3.2230542732982297
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:hAAAA8FooooOV1Y9gpGd9tZcWQlN2skBjG/Ji8JSqmFam1rR3rg3Jm/c8G0AEmkI:hAAAA8P9zDtZczGskBjGAWCaqd/cYAuI
                                                                                                                                                                                                    MD5:DB3EDD347A03000D3801E1975C574AE7
                                                                                                                                                                                                    SHA1:1783A2DF37ACCE092415301FD8FA7D3AA65D1826
                                                                                                                                                                                                    SHA-256:22FFF4D810B2D14495B9FB0B878253826335AAAB0A825B66FDFD32CF592FD54A
                                                                                                                                                                                                    SHA-512:39D4670DA61E99E796282DB966114591E225F54E70DBBDE9A781D1066E7F4DE284148182B8BBD10B3EEF60BCBD79B327B3CF4810443C5462638BFC9AADC31329
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)................^.................................................._R.|......]SHb..................#.......x!..K...........$.......$.......$.......(........................................................................................H......X...........H...........0...x....... ...........P...................P............... ...x.......X...........@...........(...x...........p.......8...........@........... ...h...........p...................X...........`...........H...........(...........H............... ...h........ ..x ... ...!..h!..................0.......s...s...s...s...s............... .......0...............@.......P.......`.......p...................................P.......`.......................................................................................................s...............S...............s...s...............s....... ...................0...s...........................`...............0...........................@.......s...s...S.......................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ComboBoxStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):12375
                                                                                                                                                                                                    Entropy (8bit):4.601679376476698
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:KtcGqSNWa0XKg5gzwCpjfVEsxd9CDMISxvTwg+v1COCNoOCOCc4:RGlGXKg5gMUfxd99Rw
                                                                                                                                                                                                    MD5:0D5F83CE30836BE4CBDBA1B5B0FA77B5
                                                                                                                                                                                                    SHA1:D8169FF72B8D0B64E81EE10EED5342B95259B0E1
                                                                                                                                                                                                    SHA-256:7EDDA00F6848787DB4BD38A04418D2F99ABA26D4296AFD67A3F67ABEC30C4949
                                                                                                                                                                                                    SHA-512:1ED61C158622739CFD6CDBE79F2162884DB920FC01E5D733ECB8AE1166167B65355538AE7237BBEC029C1F6D6267350E40E1723441FD70BB0E2136817EF58659
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ComboBoxStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):25684
                                                                                                                                                                                                    Entropy (8bit):3.0114989260555665
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:hWFaWkzu7ywogYhY8XqqoiFQ1jdYjum0Z09a87sYtrqsyi6a0WJHQz3jM:4aTY8XlFQTqHFrdyib0WJwXM
                                                                                                                                                                                                    MD5:9909FB7A0E6631B7BC8C0D2F437D6AC0
                                                                                                                                                                                                    SHA1:0D5B61E96642AA9B757A42AC3CC4484259CB9042
                                                                                                                                                                                                    SHA-256:0934AADFE5218C9423EC59762E8589314A21A0A029B899A7D9A4362B997489ED
                                                                                                                                                                                                    SHA-512:4D0B89409543CC7AC629B2986629FA7AF739B952EAFF1326AAA5CD65235C87DFB116E9B4F116A2CA9A8455ABA3876375011FA9C2DD0FEF9A6422AF785F414D69
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............Td......................................................I_.J..W..v0................#...........J........... ....... ....... ....... .......................x.......x.......x.......x.......x.......x.......x................A..x.......(........... ...x.......8...............h...........`...........X...........H...........(...x.......(...p...........P...........8........... ...h...........@...............`...........8.......................@...............p...........X...........@...........0........... ...p.......H...3...@.......P.......`...s...#.......P...s...#...........s...#...................................................................................#...............#.......#...........#...`...........#...`...#.......#...`.......#.......#...................`...........................................................#...`.......`.......@.......p...#.......#.......#.......#.......s.......s.......s...................P.......`...........s.......s.......s.......

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\CommonStyleHelper.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2688
                                                                                                                                                                                                    Entropy (8bit):4.94846948198866
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLBO6E+iCshVKzlOWGf0hEVufy9ZsV9hF1tgyTbb9f9IK:KBgUldGcQWX9JtgubR9
                                                                                                                                                                                                    MD5:8FDB08DC6713B34EB276C2FC503CC84E
                                                                                                                                                                                                    SHA1:5CCCC4CB7AF003671B694BB3C3CB2D75744B6EE0
                                                                                                                                                                                                    SHA-256:75FEB7954038FC605A7A111592C16B83286716E4FD509615FDDC2419FA7AD98E
                                                                                                                                                                                                    SHA-512:F17C7EF0A50A4843B2A645069E67966266EC134EE5CEF4C41B2790DB9EDC44C3E815639395A7046B8A5E297BE083AA0F83B7FEF0A7333B43FD77FB3D10015752
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Extras module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in th

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\CommonStyleHelper.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2564
                                                                                                                                                                                                    Entropy (8bit):2.8965540579934848
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:0iCUCSbKmiiy4IeAtmJeGAcXWqAYXBGXoAb1D4jy88SgGgNgH8Ys/Bc1QDzxfolR:rCUCdmiip9AtcA8AwmoAlSgFYf1efoH
                                                                                                                                                                                                    MD5:786B3CCC9B1D861EC1F3F8D9724D9813
                                                                                                                                                                                                    SHA1:91E08695B8373BC346E2038BF023A22F6F53B7B1
                                                                                                                                                                                                    SHA-256:ACC2463B8F8897997FDAE799C5ABC3DC202C37B499F3088244E35B60239D57C2
                                                                                                                                                                                                    SHA-512:01F52AECC412F17372EBE09A44497AF707C0DB03287E34A2A5DC328208B36AED274AC65CEEEECA21C86C523CA6CD990A320373401037EFEB447C1E27D007D7FA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata).....................................................................q.{.......5Q.................#... ............................................................................................................................................................... ...H...................X............... ...H...................P...................0...X...................X...........................................................Q.t.Q.u.i.c.k...........................Q.t.O.b.j.e.c.t.................................I.t.e.m.................................c.o.n.t.r.o.l...........................b.u.t.t.o.n.C.o.l.o.r.U.p.T.o.p.................................#.e.3.e.3.e.3...........................b.u.t.t.o.n.C.o.l.o.r.U.p.B.o.t.t.o.m...........................#.b.3.b.3.b.3...........................b.u.t.t.o.n.C.o.l.o.r.D.o.w.n.T.o.p.............................#.d.3.d.3.d.3...........................b.u.t.t.o.n.C.o.l.o.r.D.o.w.n.B.o.t.t.o.m...............................#.9.3.9.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\DelayButtonStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7477
                                                                                                                                                                                                    Entropy (8bit):4.457964454713401
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:KicGAS+yVHrMW1TmEmCrFUCz8Itym6kDQbp:4GDRBr3mEmC5VyvF
                                                                                                                                                                                                    MD5:DD14E449040774CF0F8C297ADA0BB230
                                                                                                                                                                                                    SHA1:33FF12A501046315450A488B3CFA9C360D7F766D
                                                                                                                                                                                                    SHA-256:734198AE9B68B20931073ECEC580B3924006A40212A397A26854ACBA3C60D08E
                                                                                                                                                                                                    SHA-512:E984BE5ECEA7260D68AE277C0A6F7EA5252B881B5B9195D0FF7BA7A7530E0691A77FC9A6A5FD9158B3D2D3706FDDE2D4C2B9A64A6607B7CB51D7C017CB9199C9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Extras module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in th

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\DelayButtonStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):16832
                                                                                                                                                                                                    Entropy (8bit):2.9141612341375875
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:lWMWyYDYnjJ7VawAt8ixAARP9DUTOZ+ubfiXNAcdEPWi5:MmAWkh9DUabKXNAcdEPWi5
                                                                                                                                                                                                    MD5:4F15ED59650CE6A69C4C78EB4ADA912E
                                                                                                                                                                                                    SHA1:77A2189C5076D0F2040501F938833AE514C52714
                                                                                                                                                                                                    SHA-256:52BCE8E2D7F1295C2F8ACCD37BDC81F61225C1EADD83F789054E206A9263CC1C
                                                                                                                                                                                                    SHA-512:871E50D6302A2DF5308122E8DBA23BEE18AA3BCA98E2E12BE8652C49C1F5E21A6B0FDB08509833AFBE0F987900AFAEF280BF20790C745410074AD74184BD2A49
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)................A....................................................7?......^....................#...........*...............................N............................................................................................-......X...........h...........H...........(...p...........H...........(...........(...x.......h...........H...........(...p...........H........... ...h...........@.......................@.......`.......................................s...........s....... ...s....... ...........0...C...............0...P...S...`...........p...S...`...............................................................s...........#...............@.......`...C.......c............................................................................@.........?........@...............8.......8...............B.P.................B...........@...............8.......8...............X...................X.....:.....@...............8.......8...............Y...................Y.....:.....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\DialStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):13309
                                                                                                                                                                                                    Entropy (8bit):4.641284565398556
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:KicGjStkxvChpI1QjdAfKRhqfIWvw6/aJCiD2pp5opxj86L8PbWv+IzU:4GGAvn1c2SviE6/pkjfvS
                                                                                                                                                                                                    MD5:C9ECBD290C4D4AF10D1F16652064D786
                                                                                                                                                                                                    SHA1:7C967C254D293CC4D2ED5667053C02762A7F466B
                                                                                                                                                                                                    SHA-256:68D38C22B76E28D994B587A9EDDADCDF87682A0F2678551FE67B68C737107B4E
                                                                                                                                                                                                    SHA-512:A1887E899BA983050F84882F4BE70CAF055F4F945E7A7A91E864CCA95A55EB25B15DD4E97CDC2F7846A38D3994F23DE7323947B9AE50C7CCB5B063105AFCF670
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Extras module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in th

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\DialStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):18992
                                                                                                                                                                                                    Entropy (8bit):3.2382403834754707
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:MLByX4xGNkT/VF0692zqL99OuAfP8IDkwRewMDr:20oKkTt59CqN6bD54wMP
                                                                                                                                                                                                    MD5:3C6FF8ABCC700FD6985EB56F46623D7D
                                                                                                                                                                                                    SHA1:9D2847B0CFA8B86C6F04AB7952CF671F0BD793C4
                                                                                                                                                                                                    SHA-256:0FF17ACEB14EED54DB814A2B292DC3D5FF8F72F50AA6DD0CEA756639516AFEEC
                                                                                                                                                                                                    SHA-512:DF453E48D62CFE9E9044D4AAE04223EE41ADC654C292B930EE0FEC7238A2918CF1AA51DBBC908FC2FD160339A6F3A38645D7360E126BEF8229BBF97C7445793D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............0J.....................................................7..`..Z....U`................#.......P...5...........................................X.......`........................................................................;...... ...........0...x....... ...p...........X...........8...........@...........X...................`................... ...h...........H...........8...........(...x...........h...........X...........@...........0...@...............................................P...0...............P...............P...................................................................s.......s.......................3.......@...S...........3...S...........`.......s.......s.......3...s.......3...............s...............s...........................3.......3...........P...........S.......0...3.......3...........3.......3...............................`...............`.......................................`.......................`.......3.......3...............

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\FocusFrameStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2195
                                                                                                                                                                                                    Entropy (8bit):4.860641581432451
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:MLkjCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfy9N9C2RE3P/z:MLoO6E+iCshVKzlOWGf0hEVufy9nC+2
                                                                                                                                                                                                    MD5:AD01AD6DE4CC26FA4270567AC67899BD
                                                                                                                                                                                                    SHA1:4504EBA68FECEB61AE5805AF8FCC9E8F46813368
                                                                                                                                                                                                    SHA-256:4A6FDFC1C81341D6B4127DD76CF30A46CDF1EA080156327C641D93659AD10E4B
                                                                                                                                                                                                    SHA-512:CC463C14BB9B6321B9E0B3B5F9864CA29E5899D8054CFDFA2458AB3FA5005F470EEBCD87FF3278718D1CC7E15C0184C81776D3C650CF9A0A49F2D209B998AA3E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\FocusFrameStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):796
                                                                                                                                                                                                    Entropy (8bit):2.361046648782086
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:0IzG8ssssssp11Lcz3/jt/c4XRvEENoZ4lc:0IzBsssssspPU3JbhMR1
                                                                                                                                                                                                    MD5:1B33BCFD2994AE3F7783136980F3E078
                                                                                                                                                                                                    SHA1:9B03F4F149AD4FE25F25829FD5E4235303200625
                                                                                                                                                                                                    SHA-256:3DA9343F01C3002E9A952BD3425431C5C81CCA2028305A4E0211C618138B41F1
                                                                                                                                                                                                    SHA-512:23B70B9BF4F6236B8C8E3F5C3953B157437CB2059BC3CFADC5A830CCA90E40E75EF92B84F0E15EAAA9FB62F0E09BFD25E5AF7F9656DA39B9BA164FC78F06EF1F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...................................................................".a..a(pL.\...[................#.......................................................................................................................................H..................? ...@...h........... ...........................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s.................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...P.r.i.v.a.t.e.................................I.t.e.m.................................m.a.r.g.i.n.................X.......................(.......................).......................*...\.......................T...T...`.......`...`.......`.......x...1.......x.......x.............. 2.P.................2. .2...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\GaugeStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):22836
                                                                                                                                                                                                    Entropy (8bit):4.299447926284382
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:KicGzSPBjuH5kOOqqOipbNpymTjDIkE6ypij2RsDPjdBfNDL9+:4GW0gJ4EdEdYjho
                                                                                                                                                                                                    MD5:7C3C99E2E1F2D6D7AA20BCEE398DA6E5
                                                                                                                                                                                                    SHA1:146F9AEC406A1C8921608C42399BB8F07D5A4F95
                                                                                                                                                                                                    SHA-256:47720FB3600A64E782D23C316B88E2A0B8C04DDB4145C4F3FC715C88E5C4AC58
                                                                                                                                                                                                    SHA-512:578F5B75B7227138994066997E79A0DA7473172220975AC9298C58CB4CAA6C32DE484AB8A01235F374C80882B85D114324D7AAD20F17BBFB417EAADA4C5E3CD6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Extras module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in th

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\GaugeStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):30776
                                                                                                                                                                                                    Entropy (8bit):3.3385668305513083
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:G8yAxQCIXi0du/Eu9dAU4vhlt6Ej6WXWepCgJtntZKJ:9v2A8LU4V6WNtZ4
                                                                                                                                                                                                    MD5:E57175D65E71212F1E5595DAFD629544
                                                                                                                                                                                                    SHA1:E80A8792C8229D92A53C62C1E7762D85C9A9D4D0
                                                                                                                                                                                                    SHA-256:221A1969368CF082740A31D969416578C105CFF46E545EECD3FDB2D382BF57B8
                                                                                                                                                                                                    SHA-512:1402AE7A06FE974686DEFB0F352E5BE2118B7B94A5712C525A5699931701B289B6564B30A9519C2D0E6436C59EFDECA83F3B30BCC2B82B3E3043DA34062F70FA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............8x..................................................rj..].....e.$/................#.......(...\...........h.......h.......h.......p.......................h.......h.......h.......h.......h.......h.......h................U..h...........X...........`...........x.......P.......8...............h...........H...........p.......0...........h.......x.......@....... ...p.......P...........0...x...................`.......0...x....... ...x.......P...........8........ ..X ... ..0!...!...!..."...#...$..P$...$...%...%..(&...&..('..x'...'...(...(..()...)...)..(*...*...*...+...,..`,...,...-..x-...-..........C.......P.......c...........p...c...c...........p...........c.......@...p...c.......@...p...c.......@...p...c...c.......@...p...........................................c...c.......@...p.......................................c...c.......@...p...........s...............P.......@................... ...0...........@...............P.......p...`.......p...`.......................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\GroupBoxStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4956
                                                                                                                                                                                                    Entropy (8bit):4.6040064729782575
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nC+/GZg3EQ4UWgqk3DJCHB0YpD+0mXkupan9N:KogUldGcQWgG++KvzJu0O+pkXol+1
                                                                                                                                                                                                    MD5:551C67724C444056F370802198A7E5E9
                                                                                                                                                                                                    SHA1:E87F2AF2D3DB8407A3E467B613191C9C268FBB41
                                                                                                                                                                                                    SHA-256:A87CAD5B0BA3FE0E67F183EE47F33B0F92E733ED3150821C0DE76D8AD7A3D664
                                                                                                                                                                                                    SHA-512:7CE6B704CE5B36EB2A88ECB77CD86EADEB9E6B579412E657FA94764B04E2BA4E9F006B0089DE1A4587DD925F9130DD4358541FF40E26922F369FDCC06FE72B48
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\GroupBoxStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):11064
                                                                                                                                                                                                    Entropy (8bit):2.806526063215661
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:lYH7AAxWw4gucKsiEFJbbITn6TlfHKNE9vUB722zKIocXQsnyxwS02S:+ZYw4guc7blMecXQwyxwS01
                                                                                                                                                                                                    MD5:96E7B4BD1E4B59E6D64FF232C69B5BEF
                                                                                                                                                                                                    SHA1:CE56A5FBA71BE1D237BF884810B47748380DC642
                                                                                                                                                                                                    SHA-256:CD5DB52E37C71F2327E8D68080FDF2BB35FBA7A2D0244E2D3F01A7FDF911BD60
                                                                                                                                                                                                    SHA-512:6D580D0B66FC2AA466DA95DBF655881F2C66CB398ED418238AD00BC307D77C5D76F314F3C15FF1909CE73A037CEF932947AF8D41ADA89042FA7A539656C56DD8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............8+.....................................................Y..........................#...P...H...............T.......T.......T...3...T....... ....... .......p.......p.......p.......p.......p.......p.......p...................p...........x...........X...........0...x...........`...........8........... ...h...................c... .......c...0...@...c...P...c...@...s...c.......c... ...s...s...c.......s...s...c...P...............0...s...........@...c...0...............s.......s.......s...............c.......s............................................................................@........@...............8.......8...............6.P.................6...........@...............8.......8...............A.P.................A.........:.................@...#...........8.......8...............:...................:.....:.:....`.J...:.L...:.H......|.........@...............8.......8...............H...................H...........@.......!.......8.......8...............

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\HandleStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2849
                                                                                                                                                                                                    Entropy (8bit):4.799975439686825
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLBO6E+iCshVKzlOWGf0hEVufy9nfAerCvgC/5qs4pn:KBgUldGcQWXLA
                                                                                                                                                                                                    MD5:4F524B56A3AB03D69866D757F7789BFE
                                                                                                                                                                                                    SHA1:18329971CC6F7DFD0620FABCB68EB5A14C3D385F
                                                                                                                                                                                                    SHA-256:0C49EED4E013CD6D921A73A362AE0B49288C91377CB1A6FD1D9A3C1A79DB78D0
                                                                                                                                                                                                    SHA-512:67D1E2D8E1AF463C850B672121970489A9FB19C6E1ECEC278FE7D40FE8057EE6598B2CE87DB9F1B11D633863E704C17C1F8CDB5E360D040AE3842008208DC3AA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Extras module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in th

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\HandleStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3656
                                                                                                                                                                                                    Entropy (8bit):2.6937189609249783
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:4rssn0OzDRmXRwR7SRDVqIRtMVRBumDFERynksK1Y2QAvJAbJlYsgTSKv:Cssn0y1eacJPtMzBukGOKGWvL
                                                                                                                                                                                                    MD5:8C0854577699A7629EFDA32131BE2CF8
                                                                                                                                                                                                    SHA1:1C4D275B16C777649C28EA16CFE6CBA8769647D8
                                                                                                                                                                                                    SHA-256:230662718DA2C6AF495B462F42F17ABB4B2B915B66557DC9196116C698784127
                                                                                                                                                                                                    SHA-512:B3EDF93522E4C6E273DA94DE0B7CCB78440143F589F3EC3DCB79A0AA4C79B590A6F341BAD32B13EBE1C2D594B0E221E359D8454F0BB1D661A641193F25D74FAB
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............H...................................................E..:.m..Z,...T.................#... ...................................................$.......0.......8.......8.......8.......8.......8.......8.......8...................8...........H...........s.......................................X...............8.......8...............>...................>.......?.......@.......A...........................................@...............8.......8...............<...................<...........@...............8.......8...............H...................H...........@...............8.......8...............I...................I........................... ...@...h...............H...............8...x...............0...h...................X...................P...............0...`...........................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...P.r.i.v.a.t.e.................................Q.t.Q.u.i.c.k...E.x.t.r.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\HandleStyleHelper.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3955
                                                                                                                                                                                                    Entropy (8bit):4.902843047893749
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLBO6E+iCshVKzlOWGf0hEVufy91Bbyx4leoEB5wPCLXmic0uV5llN7Dmic0T:KBgUldGcQW4Bbveoa5wPKc5B7DT
                                                                                                                                                                                                    MD5:518B479E244913265C2805AA261295E7
                                                                                                                                                                                                    SHA1:6CC7C85DED85CBD12067D469040FE356FE905147
                                                                                                                                                                                                    SHA-256:08B3432BCA020144EEE63A8EBA54FCD9DE6ABAD39368E316EA5EB3F627E8C113
                                                                                                                                                                                                    SHA-512:D1C05E98F2615F6245767CC03D8368FE605AE50DDBD19C3F3DFE894BE26ADDB4844944B7207B417172DFEC561FD2EBED02E4B52199A414C31BF63525ED6E5FBB
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Extras module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in th

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\HandleStyleHelper.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3404
                                                                                                                                                                                                    Entropy (8bit):3.4476532270828906
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:RkkrZYWUl/jrnAC3RmhRnRWlrSRHR/SR0R+RtRpjR5NhAzt2d9qF:H1U9jrURQsxQ2c7pV5Nhkgd92
                                                                                                                                                                                                    MD5:D87413CBB5BF2AC58F353376A1F70475
                                                                                                                                                                                                    SHA1:CA47A97FB96C5452A015267E7BD93178D3026068
                                                                                                                                                                                                    SHA-256:FAA9F227D344C30CA20E76487B31F8BA10183829EF6447DE3286511B18AA77F9
                                                                                                                                                                                                    SHA-512:C4BEDC648C7DC626DD8BE5C91F5038EA9492CCDDC40415FC48393149AA10633E62AC13D711D48E1F3537015D7D66087A871DAAC3D331FBD48B660746DDAB3E8C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............L.....................................................4....l.%.3!...................#..."...................................................................................................................................................3...@...P...`...p.......p...............C...........c.......................................................................ffffff...........O..n./.........................@...............8.......8.................P.............................................@...............8.......`...............8.P.........................................................8.......9.......;.......<.......>... ...?...#...@...&...A.......B...6...E...?...F...g...H...s...I.......J.......K.......L.......P.......Q.......R.......S.......U.......V...I...X...U...Y...a...Z...z...[.......\.......].....................d.L.....:.X.L.. .. ...:.:. ...:.:. ..........................................................................................................>

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\MenuBarStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5266
                                                                                                                                                                                                    Entropy (8bit):4.7800368857594115
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:KogUldGcQWLSSQ7FUtyV0zZnr64Hlvsy3A:KtcG8Sp74y+zZ79w
                                                                                                                                                                                                    MD5:72E9D9E9FC99FA5DE5157CB65CAB7F49
                                                                                                                                                                                                    SHA1:8D973BE620F3BB6DCE39165DE53C2791907A8D14
                                                                                                                                                                                                    SHA-256:10B0380B7358DC7AD70A5DA292BEE8278A7171249C8E6B64DDDBDC4D64D6885A
                                                                                                                                                                                                    SHA-512:76AFF6AB7DE904EC73CC05DBFD7B76992CC0051BBF5CAC563883C6D29C4BAE47D21BD5B11063D2292B06772BE55D7C7974E698A155931FAF403C30471C5A0CE3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\MenuBarStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5312
                                                                                                                                                                                                    Entropy (8bit):2.888961910430735
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:Q5iTg5J1sf3NHtfGsNoWnWUpZNEr+WGuvNkwv:0iTg++Kwgub
                                                                                                                                                                                                    MD5:E9C5703E697F1A96E4A9D0FDF49EA8F2
                                                                                                                                                                                                    SHA1:5DB4D3472C9CB8452F43616396F636C45BA24B8B
                                                                                                                                                                                                    SHA-256:92EE0FC2B8056AFE82FF34DC180F4D5AF632244D4ECF85CFD162FDAA1477B170
                                                                                                                                                                                                    SHA-512:0A2FEED64719705176001F26E5EE7EF79D818EC03297ABEB1996CA4FFAF797D5AFFA3AA3AA939E6F75FEF7A9FE26CFFE7ABE7BD2F3DF7BADDEF2D492B6BD8290
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...................................................................!H...8.!.E9P/.................#...4................... ....... ....... ...$... .......................................................................................h.......(...x....... ...h............................... ...s...0...s...@...S...`...S...p...S...P...S...p...S.......c...........C.......C.......S...p.......#...`...S...`.......3...S...P..........P...............8.......H...............G.P.................................H.....L..........H..................@...............8.......8...............e...................e.....:.....|.......@...............8.......8...............f...................f.....:.....|.......@...............8.......8...............g...................g.....:.L...:.L..(H..)......@...............8.......8...............k...................k.....:.....@...............8.......8...............l...................l.....:.....:...............@...............8.......8...............

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\MenuStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):19028
                                                                                                                                                                                                    Entropy (8bit):4.517836433157375
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:RG3wzT7/U9hj3mJx81JDleATgJxKmgGTuNBb6v:RGgzT7/U9hjjeAEJxJ
                                                                                                                                                                                                    MD5:FFAAC9E0AA74D8288693E93C3D535183
                                                                                                                                                                                                    SHA1:0D8F124B31CC2CD66B769A0B462C3C95D7F6E7C3
                                                                                                                                                                                                    SHA-256:89F8F0FC50908E19EC2ECFD39AC53663E95488812E8B05966184E25B1139DF11
                                                                                                                                                                                                    SHA-512:B269B9F9B6143835A6F2A8B36C3560C545C8AAD6933792714765EB9ACFC38A2240ED660832338613F836B5B7A27814B0839BAD433D6259E0D6030C56EB3DE06B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\MenuStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):27256
                                                                                                                                                                                                    Entropy (8bit):3.1193912423858268
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:9xCJMyDoca2QQkaNNI/NZJbgDpmQvbGYhHwDD7mYrfIInnSDC4tROQAUuGI9s/aW:SKUNcusObG+HxYrPnnSO4teG9aLU+89
                                                                                                                                                                                                    MD5:E46156238F671492FB9E2398926E684E
                                                                                                                                                                                                    SHA1:EBCE08C270B9BDCC88AADDD6DB320C57236D3C9A
                                                                                                                                                                                                    SHA-256:7D7DE4F9DDCF214B36F4C2AA0E925F2F1CB1926EC0A1F1A1D8E51314A3148B11
                                                                                                                                                                                                    SHA-512:4C75C13E67885DC8FA58BF8E17CDB9996D22CC4629D8F5C78FF1676619A6290C80D65428FC01972E13DF1E29E2DD11D8048BA970476AD401DE50D16F58BA1D12
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............xj..................................................\t...zY.I%..Y................#...........D...........................................|................................................................................H......x...........`...........P...........H...........@...........(........... ...h...........`...........P...........@...........0...............`...........8........... ...............x...P.......`...........P...........`...........`.......0...........H...........`...........................................c.......c.......3.......3... ...............................3.......3... .......C...c...`...3...@...C...P...C...`...C...c...`...C...3.......C.......C...........C.......3...@...C...P...C...`...3...0...C...3...@...C...P...C...`...c...`.......c...`... ...c...`...@...c...`...`...c...`.......c...`.......c...`.......c...`.......c...`.......c...`.......3.......s...3.......3...............3...............c...`...........`....... ...3...............

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\PieMenuStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):13619
                                                                                                                                                                                                    Entropy (8bit):4.526104451067634
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:KicGPST7AttX6JwMo4n2j6CMFnA0HxogPyXccLZV1TSSEZE2qdBQBKk3ThdR:4G6HxfVRJWX1TSSEZEpBQBKc
                                                                                                                                                                                                    MD5:4331645D90F0E38D2486BB5B2C1E402C
                                                                                                                                                                                                    SHA1:BD5548BF8894E5BD20253A691E756A4702CAB0C1
                                                                                                                                                                                                    SHA-256:2E181DDA4E3BE6B21B5141C7B235E93FB25EAA54D21FB3038BBF861C9B445306
                                                                                                                                                                                                    SHA-512:D1337FB0148808E24FF0BC9AEADDAC4837428DB896830A7092078B128B5968DE59E4CB7244AC28632F63540FCA821872F526B23CBC778624DABAB81B6E981346
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Extras module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in th

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\PieMenuStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):19552
                                                                                                                                                                                                    Entropy (8bit):3.160341341027771
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:7h4tTgqgqU1vD2IWiFQZMRSIAYHKyI4GNfJQZcTvUGjK52DMiZn:eFjeFvkN7xXT8F57iZn
                                                                                                                                                                                                    MD5:4C85BF9777817B4A4B98D3BDE8CB0D87
                                                                                                                                                                                                    SHA1:C7A67D2F56A6A0B60664EF6609219299DB42093A
                                                                                                                                                                                                    SHA-256:529B297A30AAD00EE68241B603290927B6A4DECADDA8F9BF69D8B787B7CE4896
                                                                                                                                                                                                    SHA-512:51E5BC2A3BDFB7A083D8D7F62274794ADCC5CC99BB85EA39A853729749D06F7558A1D0B3B52908A168A5E60E35173C8F41F707AC13BDC7EADCBA57FF0DDAB258
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............`L.....................................................m2Y$".e..q...................#.......8...1...........................................................@.......@.......@.......@.......@.......@.......@...............x:..@...........8...........H...........`...........P...........(...........`.......X...........@........... ...h...........@...............`...........@...........(...p...........X...........P.......(...#...3...@...3...@...S.......p...........`...c...................................................................c.......c.......S...............C...S............................... ...........................0...`.......Q....... ...S...p...0.......`...Q...S...........S.......................s.......S.......c.......................C.......C...........C...............#...C...c...........................................................................S...C...#...........................p...s..........................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ProgressBarStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9671
                                                                                                                                                                                                    Entropy (8bit):4.398147008349299
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:KtcGfSf6PYKu6KmdxGjeSunJPqvGeOuJ41jHkPx:RGKygzinJPex
                                                                                                                                                                                                    MD5:C29EDE2738CBEB5AFCF438CCB0AC5D0A
                                                                                                                                                                                                    SHA1:D71DEB3F6FB577FABCA903C22EDEFCE9082EB284
                                                                                                                                                                                                    SHA-256:D3FAAFA6630BCD03E81DDE2D87486CBCD0C4A5B20785C74342F37E002B65A2AF
                                                                                                                                                                                                    SHA-512:8D6E88B5B1AAFA8558C17E365F95C51C0E063D6DEE1ED12BC864B3AC5D370F4AFAC71A20F16751AAF130C991D57F9295B567AD7618FE87FAA7C3EF57202374F9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ProgressBarStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):19268
                                                                                                                                                                                                    Entropy (8bit):2.976968452247448
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:Umwu8hp5O7Myp03lJwrRl7eH9l4dSnl65HHiIjllh:UME/yQwS0Sg5HHiIhH
                                                                                                                                                                                                    MD5:B3A85DF74A632C75FC772B10A3FA0092
                                                                                                                                                                                                    SHA1:D3D198651B783278BD54530089E8EBACBBD1DD60
                                                                                                                                                                                                    SHA-256:47ABE3AB1B1E9B2CF366795C50E284B639DEE5E2C59447752A2A10EFF0907A70
                                                                                                                                                                                                    SHA-512:C7778F431CFD10E803E71C79C0D14FD715B2EF7618F99215DE5BE07323848D7AEE7C5ACF5456B35A1E646099311F95B3B639B81D85153CE1383B04E1D5BCC605
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............DK...................................................)..VP.._.x9q...................#...|.......7...........................................................x.......x.......x.......x.......x.......x.......x................0..x.......(...p...........`...........H...........0...x...........X...........H...........8...........8...........0...............h...........X...........H...........P...........8...............p...........P...........@...3...s...@...s...P...s...`...s.......0...s.......3.......3.......3.......s...........s...@...s...............s...P...s...@...........s.......................s.......s...........3...........s...P...................s...P...........s...................0... ...............s...s...0.......0...s...s...@...s.......s...@...s.......s...@...s...s....................... .......0...........0....... .......s...P...s...........s...P...s...........S.......#...........s...S...........s...P...................................................s...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\RadioButtonStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6421
                                                                                                                                                                                                    Entropy (8bit):4.608996006455668
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:KogUldGcQWW/SYUpuj3wPSmnEJqZJ/49kGAd/dR:KtcG9SBE8xnEJy49knrR
                                                                                                                                                                                                    MD5:D03303AF79AE603CFBE6876482F053A8
                                                                                                                                                                                                    SHA1:C8F44F484B05C75B8D081B89BEA1703BC9713E99
                                                                                                                                                                                                    SHA-256:A5A0081052F3AE4C8D97472CA1AD6AD67E8C4A05758143CB18CA8E99114DFBAA
                                                                                                                                                                                                    SHA-512:BDCED49DFE5E8F6C9DD00C432EEB5643C81352ADD3698D683AC9AB2440C4942941DFAA253BFB9C492A4B8BBD7E5D9C5A75A046B88931552218565AF0E4D154C1
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\RadioButtonStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):14128
                                                                                                                                                                                                    Entropy (8bit):2.933463254973183
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:f6yKdFZ6qUT4wLwIfxJZbxqfSHmBse3NWCklw0EJ7rwEAvPYqPBRvIKX4Ro/fuuh:f6yKlqT4wkISl6iOvwKouJlr
                                                                                                                                                                                                    MD5:B6043189128F0F1EF769BEAEAD85AC66
                                                                                                                                                                                                    SHA1:FADA66D0EA28FD11EE1B34EEF900267FCD681B59
                                                                                                                                                                                                    SHA-256:FFD86AADCD6B8679A22CAFF12367FD1915195A9AF59E57CA328F63018FC0A75D
                                                                                                                                                                                                    SHA-512:D02FBC74F13A8F3FACEDE511F4FD721A8B47FC7DE9C856DB8B0CE13A0476A472D2862A24B82071FA74313C035A53C157099D0C50DAF2132714C543CFF82D959D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............07..................................................5...-/......"..................#...i......."...............................d...........................`.......`.......`.......`.......`.......`.......`................$..`...........P...........0...x.......(........... ...h...........X...........H...........P.......0...x...........P...........(...p...............#...........3.......3.......3...0...3.......s...@...3...S...s...0...`...s...s.......0...........#.......#...............#...................s.......s...@...........................s.......s...............#.......c.......3...@...3...P... .......#...............3...`...3...p...........3...`...3...p... ...........3...`.......................S...........3...@...3...P...3...`...3...p..................@.......?...............333333................%.........................@...............8.......8...............O.P.................O...........@.......,.......8.......8...............o.P.................o...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ScrollViewStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):17548
                                                                                                                                                                                                    Entropy (8bit):4.574607698856005
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:KtcGfSi2rZovoKAZCv8pbLGoTR9uDHmnuwPxmEaTjQe0RJ6jGHE:RGKVUlAZs8pJR9uDHi14TjQHRZE
                                                                                                                                                                                                    MD5:96833FE6D42FC67244982F05C244788B
                                                                                                                                                                                                    SHA1:0469818E36FEF3B4F009E7AA79A3BFC183817B35
                                                                                                                                                                                                    SHA-256:8E89154CBF7946D7655149B7F6AED77528C95A88F3F7677C2D1579DF9A3DBDF8
                                                                                                                                                                                                    SHA-512:F5D2A22D5621DB4E7DE9CA005801A16507C8271568F8F9950B04E76CF48BDB159854854071E05FB727BB96ADD1D927C6290C7E8C7107516A872F58F0315282ED
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ScrollViewStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):35988
                                                                                                                                                                                                    Entropy (8bit):3.2005111570241023
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:31JDbE9qyEJPDcygx33SVfsM3oIH3keOL3L0:31J89qyExBm33SdV4IHw3w
                                                                                                                                                                                                    MD5:6E26F39B3B97378A76D80A494CF4C47A
                                                                                                                                                                                                    SHA1:79DC43C3CC819325CE8E41153969B9657817A154
                                                                                                                                                                                                    SHA-256:4AAB51AC7A35BB70C015C146328F921E8C54D6DEA1E97FD0135C6C33B8ED354C
                                                                                                                                                                                                    SHA-512:E27733D1FA1FB622341E15190C42407D125CBC7206B9DB899E4ED40D3B416AA2277BA5B818235E3FA3871B6E4BB34EEDD54DD0F168C5789386768D1194FA843C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata).................................................................../pu.#^ex._".3.X.................#........2..m...............................q...........................................................................................@`......8...........(...p....... ...p....... ...x...........`...........P...........X...................H...........8...........0...x...........`...........X...........H...........8...........(...........0...........(...........(........... ...x.......(...p.......@.......0........!...#...#..0$..p%...%..0&...&..('..x'...'...(..X(...(...(..P)...)...)..8*...*...*..X+...+...,..X,...,...-..`-...-......X......../..`/.../...0...0..`1...1...2..P2..`2..p2...2..#...3...@...3...P...s...`...s...........0...........p...............p.......C...3...P...C...#...3.......................................................p...............p.......3...............C.......0...C...................C...#...................C...#...........C...C...C...C...................C...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\SliderStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9011
                                                                                                                                                                                                    Entropy (8bit):4.524730875753044
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:KogUldGcQWw/S1DvNkmF0vPwkGO+YCd19MznVXwznoaHFl4a3PkaCAc0rJ15o:KtcGpS17qPwJTd19inV8n3L52
                                                                                                                                                                                                    MD5:683EF25C8A8FAE7C5C6ED4E90F6638AD
                                                                                                                                                                                                    SHA1:8C81D572D01C9C7A9C7B1B871BE68576812F6447
                                                                                                                                                                                                    SHA-256:2A7D2BFC834A4A902EE60361A669355CDA0E401823F42137B83504F97BE0723D
                                                                                                                                                                                                    SHA-512:D334AEDEE899EEEC7AB63A837F71DB23C43A6FCAF0D768B71CC716BDAF9F3AFB8D81EF98CE037C77DC61B07CFE4F295DB1E3FA0257F79464C325FAC140C2602F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\SliderStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):19176
                                                                                                                                                                                                    Entropy (8bit):3.005812541026281
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:8bHeEWJF80XI0KbMkQ5GdKvXjQH7pfl4VmVd2x8RFiPbB3MdPd/d:8bHeiC4MM4vXjkpw8Ix8RFiP5+/d
                                                                                                                                                                                                    MD5:48872F787098940334F5D87B880ED220
                                                                                                                                                                                                    SHA1:B0309FAF05753A287F7112D7404A781C097AC746
                                                                                                                                                                                                    SHA-256:A4441507B26D0325EC7FFDF4E12E51A7E8A4F4A3C77BA6B78866D3C675476379
                                                                                                                                                                                                    SHA-512:64E2C2123F107ABEDB071CABC3B3C0FF11959C3255C802B1271F0323734433D445989421B27964DD059759ABB6D1B1FEEFBBDF505E6D3ECE4F4B9F946713F6F4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)................J..................................................n....IH..A..~.B................#...|.......1...........................................8.......@......................................................................../..........@........... ...p...........X...........@...........H...........(...p...........`...........p.......(...p...........`...........h...........P...........(....... ...........(...................3.......0.......#...C...#...s...0...C...s...`...#...s...`...........0...................0...........#... .......#...........#...........#...............................s.......s.......s... ...s.......................3.......@...............@.......@...........s...P.......`...s...............................0...s...0...............................................................p...#...................#...@...#...........................................#.......#...@.......................s...................@.......@...s...........#...s...........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\SpinBoxStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9683
                                                                                                                                                                                                    Entropy (8bit):4.650784716910415
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:KtcGAS9ZBKlV06nI8IgD7KCOCNoOCOCc4:RGD9qlVs
                                                                                                                                                                                                    MD5:0FD415924CB1244BAF277FE75A81795B
                                                                                                                                                                                                    SHA1:446E5BAAA1ACFF2D90397226741A8C49E4572B7D
                                                                                                                                                                                                    SHA-256:C92EA6D633E4B5CB1C2B547096D67AAB6476A9C7493ECA9773835A2FFA4E22F7
                                                                                                                                                                                                    SHA-512:2D55EAE74DF7E2A5C0FF73A0A94214F3AF139ADFE7D28B84CEB21C181CD51C53349C082E372048D58157AEE18ED653E5BCBBCD7735FEB4A604B309A0C334EBF0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\SpinBoxStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):16484
                                                                                                                                                                                                    Entropy (8bit):3.052615289793909
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:XgcoD0HWWGNC4YcxLUSTvq+Qk9J6QvbIWxCr4BiGK23gfSHYdk2486M16sZL722L:8D0HWWGNC4YYUSTvq+QB8bIZ6Y7H7j
                                                                                                                                                                                                    MD5:98C22F1835A3A21C61721E5A4B3ECAEB
                                                                                                                                                                                                    SHA1:4F2CB349BBAE643000655EECB627B0ACEE209A89
                                                                                                                                                                                                    SHA-256:C00C49876BACAD35771E023258FB69DCFD4BB7BCF301B879BE241DEBEF2FF04D
                                                                                                                                                                                                    SHA-512:372B757E60A6759DC9746C52A622DC075AF2AA44F8F92B642AFDC9BA4E73137A62858DF6D0CB9F0878E94CF8046974A397595415898CCDBF769C01C445C1DD1A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............d@......................................................3...........................#...}...H................................................................................................................................/......X...........P...........X...........`...........P...........X...........0...............`...........H........... ...h.......X...........0...x...........P...........(...p.......................#...s...@...0...#...s...@...P...#...s...@...`...s.......................................................................s...@...........#...........s...@.......0...#...............................@...................s...P.......`...#...s.......`...#...s...p.......................................S.......S... ...S...@...S...`...S...........s...#.......#...................s...............................S...................#.......0.......P.......p...................0.......P.......p......................................?.......@......E.........333333..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\StatusBarStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3884
                                                                                                                                                                                                    Entropy (8bit):4.638852057422492
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nC+CSNvd4asGbViYjJ4:KogUldGcQWFSca3bpjJ4
                                                                                                                                                                                                    MD5:D7CED5BF6D92DE149E1784EFEA96EB89
                                                                                                                                                                                                    SHA1:C29645EACB257B526A17F921B4D19463AF3382B6
                                                                                                                                                                                                    SHA-256:E9C144D88DAB0D146F3B32023313BE166BF4FC73E589F4143F4417641789F3D7
                                                                                                                                                                                                    SHA-512:4F0D7F0B447CE10875D60C2EDADA25B9864F9F9F38005C66D45531822927B93FFC6447BFEA7BB3268DC748901F53D3496B39C004B1DFC8160614AAA4A5E2A14C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\StatusBarStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3764
                                                                                                                                                                                                    Entropy (8bit):2.57807237951153
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:OqcfKJs/NqKCiNH+Dk7UYexnkVM1hk+LjzLv1QMvVZ:X4KJslf3NH+Dk7ad1
                                                                                                                                                                                                    MD5:80628C8427720CD855AE1D9903743A8D
                                                                                                                                                                                                    SHA1:DD44E5792B2BEBCC7C4EAB33BD832884FBBA262E
                                                                                                                                                                                                    SHA-256:F994868CD98CA1DDA6F6FA391F7332DD4367D0DF6797E14E06BFAF4215C97E31
                                                                                                                                                                                                    SHA-512:6E14B6F02AB42C54B97BDC4C22011F62973B1C6CDF384A4FA601F1C85493657E1CD36DB42732D5C9249A0D133D6ED6D33038F23FE2FE427E728EBDAA2D49FEBB
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...................................................................G0..FH._...u..................#...!...(....................................................... .......P.......P.......P.......P.......P.......P.......P...................P.......................p..............................................................@...............8.......8...............i...................i.....:.....@...............8.......8...............h...................h.....:.....@...............8.......8...............q...................q.......................8................... ...H...p...............8...p...............(...X...................@...................(...`...................................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s.................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...P.r.i.v.a.t.e.................................S.t.y.l.e...............................l.e.f.t.........................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\StatusIndicatorStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9088
                                                                                                                                                                                                    Entropy (8bit):4.501823834100412
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:KBgUldGcQWVuSqw1Q8aDFxHfI781cOMKjhKhqfaLR9XpNqgqgH/mOVGOsDMqRZd5:KicG9ScHHf51cAhKhqcR9Xp+P1B
                                                                                                                                                                                                    MD5:10364A6BE9565F48A752A82424D221AA
                                                                                                                                                                                                    SHA1:D33E7D56A711AB8EC4F4776A948F5518F3F49A53
                                                                                                                                                                                                    SHA-256:50553CE68ADB869229ADE37DE56D3517947ECA4A2C0098A0F3F765329A66EB1A
                                                                                                                                                                                                    SHA-512:E6E278AFD9E9304693B341128B3E6B995438034D955CDBEBC039CA2FEBAEF4B1ED426E86E7878A0E1FA0F7210D91663E890F3F0D596A7CE5475C8ABE6139BE7D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Extras module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in th

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\StatusIndicatorStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):13600
                                                                                                                                                                                                    Entropy (8bit):3.318924337049846
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:DujRpsTYiQ3Bcepw1lzRMASWKpGMiIcMelRui+QGQeebZlWUDtKfUThOtVHMTzsr:gpzS1RHSWK0jIDti+Q2TH+uLDyuWsd
                                                                                                                                                                                                    MD5:AF3EAE476D5E90D2474651C5B7D7BA9E
                                                                                                                                                                                                    SHA1:4A4DA17884299D837684494F0CB86F82268D97D7
                                                                                                                                                                                                    SHA-256:2D57578766B0825F5CAD63BAC665F3A81E132A610C472CBE1998D1A387A4871C
                                                                                                                                                                                                    SHA-512:16472559F1B63459E9ABF732AD692B9C6DF7820DD7CFB935619C57AC319F0611F675D2F95F502E92D52A59F7DDBE190678B7CFFF031B8866496687CA404D62F2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)............... 5....................................................>..P.q8I.. .................#...V.......$...........................................D.......P........................................................................(..........p....... ...p...........h...........X...........@.......h...........@...........(...p...........X...........H...........H.......(...p...........................................#...0.......@...........3...S.......s.......c.......c...............c.......c.......................................#.......@...0...........@...#...0...#...0...........................c...........................#...................S...........#...................c...#...........................................@...................#...0.......#...............................#...0...............................................................@...............................@.......................#...0...............................0...#...S...@...................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\SwitchStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6038
                                                                                                                                                                                                    Entropy (8bit):4.651338885566638
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:KogUldGcQW6SU0ivWUa0fjra3HDT09IAY5ACDzZZ:KtcGjS0WoyiJCRZ
                                                                                                                                                                                                    MD5:FFB5F8291B67A3FC45CB766FB5401269
                                                                                                                                                                                                    SHA1:0EEFD1249ED80A0565635814FBFB856F02D8B73B
                                                                                                                                                                                                    SHA-256:56F01C435E5BD0B6ED7CFF22B68651AA2CAB6018956284E97220F6BA46C47333
                                                                                                                                                                                                    SHA-512:BD77FD4211FB1774369F7F209B0AC8CEE392B6F604CAE0B493C5505F24F3256B30BB6F2989388AC3B8C15DDDC9738A00378B758117DF4B915D69D631CC88EC55
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\SwitchStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):13932
                                                                                                                                                                                                    Entropy (8bit):2.9666680395063736
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:B/zWs6EiT0QP2fIuXkFCVJsvPdHwLfk/oZQJX8XER4+g+1FKAN6yVp8G2U:BrmvAQPkIu8C4W6Jh6yVu2
                                                                                                                                                                                                    MD5:5AC6DC7F437073B47285482FCEB98700
                                                                                                                                                                                                    SHA1:01C0A3BF912C89A0137F8A1F83D967F59EA6DF17
                                                                                                                                                                                                    SHA-256:AED23BD6DDE1C7349C3D69C3511B468016D339F272DEFFB414907A83D26924A8
                                                                                                                                                                                                    SHA-512:3D99AE7597D55FD5855853843E47F054952684D680E9B46AB2F13788A2C1760AA6FD2E294F212C1F8B0C26E5EE44DA767B8569C26C4DF24A3FE936997E6E83F4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............l6..................................................2........m...a.................#...a...P...$...............................x...........h.......p........................................................................$...... ...........H...........h...........h...........h...........X...........8...........@...........(...p...........P...........(...p.......................3...0...........p........... ...............`...............@...S.......`.......s...............s...................@...S.......`...S.......`...S...s.......s...........S.......`...............s...................#... ............... ... .......3...s...s...3.......3.......................p........... ....... .......`...........3.......p...........3...................`.......p...#...3...................c...........`...............`...........3.....................................................................5........@................333333..........ffffff..........@...............8.......

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TabViewStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7770
                                                                                                                                                                                                    Entropy (8bit):4.62722489903996
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:KogUldGcQWHCSowyJ7pSQMBd+3X1yLv58TDjFLfoD:KtcGnSw5uCnQL2DJLf0
                                                                                                                                                                                                    MD5:D3E41A7DFE95B0183D16B0DDE4C29217
                                                                                                                                                                                                    SHA1:1E805515B389ED9DF462E58151DA0D2023E96464
                                                                                                                                                                                                    SHA-256:A5311934501B5029EE2BE2F6B75B00E8920EA05D0E96776FAE2308A5E955B200
                                                                                                                                                                                                    SHA-512:3FFCBB2087A9835BF3F9F7DD95EE4699E7BF7145E2F84EFB146A044144479B8A7545577C4A14623201EE9B7B43B23F5F37C6494EA6A2A265F0D3952485D371A1
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TabViewStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):11868
                                                                                                                                                                                                    Entropy (8bit):2.9732311206277986
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:IkVnImgIbWNvnectzJqbvwBHtLs1cOUfCfVLdEaxZK4ve7yiVNYly4EuJbABuxUe:JImgFvnBiAHgUVSlyj/gnFWeEU
                                                                                                                                                                                                    MD5:29EB9C0CFC54CD3B5C1E15CE70CD1E7F
                                                                                                                                                                                                    SHA1:BB09FE485EC75EA7A0B26BCF37C3F630D3C7505F
                                                                                                                                                                                                    SHA-256:ED94BDD63D6614740CC455B6A2F79A4502B123CB1ED4A3343F5FE0B50640B2E6
                                                                                                                                                                                                    SHA-512:4ABBE4573B37E53FA7D3BD90279E6EBF501A5FE2A0C74ACC48694F1199F6EC48D1A70D2A47F619CB5EC5BBBF187CFF01C65104FE5B9C4AF73DD97DDFB5E5D3DC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............\............................................................iO8...................#...j...h...............\.......\.......\...E...\.......p.......p........................................................................!..........(...p...................@...........(...p...........P...........8...........0........... ...................c... .......0.......c...@...c...@...S...`.......c...@...s...s.......#... ...........s...#...@...........S.......S...........S.......................S................... .......0.......@...c... .......0...S...S...`...........#...p...#.......S.......S.................................................@...............8.......8...............V.P.................V...........@...............8.......8...............d.P.................d.....:.....@...............8.......8...............t...................t...........@...............8.......8.........................................:.....:.h.L...H.......@...............8.......8.......

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TableViewStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2116
                                                                                                                                                                                                    Entropy (8bit):4.845502592991123
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:MLkjCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfy9E9DsK2n:MLoO6E+iCshVKzlOWGf0hEVufy9E1sX
                                                                                                                                                                                                    MD5:C4442C528418356C4115FAC8F196E0E2
                                                                                                                                                                                                    SHA1:213BC47F6348B8D47672340BF7A510333667CA13
                                                                                                                                                                                                    SHA-256:8E717245351E3B2D37EBC2F86A21BE70DE1F23E400C4D87CE7F5FA5F7E15C9BB
                                                                                                                                                                                                    SHA-512:F4683A52E0CAA6F768AD89CB60515BEEDE6E9B3C82F4E2C9EB60AEFDB78117234016768EFAC93DE63D8004B4422616D20FC7DF1B5416EB171849531A8455311E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TableViewStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1004
                                                                                                                                                                                                    Entropy (8bit):2.482155169058455
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:0dEcqPwDSEEEEEEEA1Rs5cz3/o0clnjedPRU5Z/gxz3tXEE8M7F7Z4if:0dtlKh3w31adZ2yx7t0fwFtZ
                                                                                                                                                                                                    MD5:262001739C5D09547BF711698AA57378
                                                                                                                                                                                                    SHA1:542C07BE66E1752C4996937BC5B9093F1E9EAF8C
                                                                                                                                                                                                    SHA-256:AB15FA9144752616D41F61745D84853A6742B29F0714E3F2FECF604CC308A888
                                                                                                                                                                                                    SHA-512:C9416DBA26A796D183013318C52602101438D9562E6C0B001850C504E4AD545E4E2D407B6A56EB30C858EC68C09412E20955740CDA550780491BADDAD0A71731
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)......................................................................&.d}...../.._................#.......H...............................................................................................................................0...........@...............8.......8.................P.............................p...............8...`...........................................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s.................................B.a.s.i.c.T.a.b.l.e.V.i.e.w.S.t.y.l.e...........................r.o.o.t.................................T.a.b.l.e.V.i.e.w...............................c.o.n.t.r.o.l...........................e.x.p.r.e.s.s.i.o.n. .f.o.r. .c.o.n.t.r.o.l............................._._.c.o.n.t.r.o.l...................@.......................(.......................)...D.......................T...T...`.......`...`.......`.......x...+...,.P.x.......x.................P.....................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TextAreaStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6192
                                                                                                                                                                                                    Entropy (8bit):4.708157783383541
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:KogUldGcQWESXxAygFMCOXyNoLyCOXyct:KtcGxSXxApOCOCNoOCOCct
                                                                                                                                                                                                    MD5:8C8C3A28F50309394B4688ACA4F59612
                                                                                                                                                                                                    SHA1:8B7F68738C1F942FE4B610054F4D57DE636AEA27
                                                                                                                                                                                                    SHA-256:F9D62727679FFB17D42739D59F0F5198C24650649C01CF0DC124EC413BD6BADC
                                                                                                                                                                                                    SHA-512:ACA39C177EED0F4E29AC2060973719DA681E1F345E969AAA0BBAD20B82929286C83584409FAADF5BCC75C857474DBF096CB981F380859E09E8CA297882455303
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TextAreaStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3804
                                                                                                                                                                                                    Entropy (8bit):2.9788986979942
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:Xgk7lPTO/HdJJP2yt4NO506TfrC6hCXyqWZnS7227WCjRIRLTGqWaSu:wWsdJJPbt4o//rZnS722aYuNj
                                                                                                                                                                                                    MD5:E186AD3BBEE2BFE191E336D6AF0606F6
                                                                                                                                                                                                    SHA1:2326AF3D4DFED90F1843776E06C32BF7AB154291
                                                                                                                                                                                                    SHA-256:882D8F257942FD7AA75E0902185509BF351043239344E7A16360B71508A1BB29
                                                                                                                                                                                                    SHA-512:439670D5F4C1C12220A2B123C8909FE374FFD1EB2FDB9ED4C572A62887E2631676E532B311D518A3AA85C2A49CA54746CCBEF3BB07897C3132EA3455012473D7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata).....................................................................W.?G...J|.[.U................#...(...................................................t...........................................................................................(...........8...........s...............s...............s...........s...........s...........3...@...S...`...S...p......................@...............8.......8...............D.P.................D...........@...............8.......8...............J.P.................J.........:.................@...............8.......8...............M.P.................M.........:.................@...............8.......8...............P.P.................P.........:.................@...............8.......8...............S.P.................S.....:.L.......:........H..".......@...............8.......8...............d.P.................d.....:.L...:.H...:.........0...P...x...........@...h...............0...`...........@...............p........... ...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TextFieldStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):8423
                                                                                                                                                                                                    Entropy (8bit):4.6776172765953845
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:KogUldGcQWM/SRYv8/SNU+gEClouvAH/ARII/jYlPbDPMCOXyNoLyCOXyct:KtcGXSg8KW+B7YRI0MdDkCOCNoOCOCct
                                                                                                                                                                                                    MD5:70657CB2AB96E3A4FCC0C1AC76F19C77
                                                                                                                                                                                                    SHA1:E777DE5D90103D2E607AC2B32F09347D28A49DDB
                                                                                                                                                                                                    SHA-256:ED6D8C14FCEFF917C6EEF857723B8085F444A456B95044A01DB65A9E0202C8BC
                                                                                                                                                                                                    SHA-512:1D3AAAE1EC01AFBC588E99C37CC4C7DCED8B68F2BBA3385A973BF2F9ECCEFF761E4898AEAEB00A0C6438746B88685C93FD56A144A182B558DEE2FB0EA5DF1F35
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TextFieldStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):11912
                                                                                                                                                                                                    Entropy (8bit):3.0076432378041207
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:OWARNnxqfSpUZJ5PbIn4Bf3gHmQG82EUfWzoZnS722TNQmocR2lfjxwg:OgfSyD5K2ZqdRyx
                                                                                                                                                                                                    MD5:79C4AA822DBF54F902AA7761A986FC32
                                                                                                                                                                                                    SHA1:F955A75E130D0D83242E1BDC9B58C47EDFA98FEC
                                                                                                                                                                                                    SHA-256:0B2BD0EB29890928A2CE1CB35771216D83356E6412EE2EC4A99F2C7BD551C4F2
                                                                                                                                                                                                    SHA-512:11ADD93EC0A8ECDAD3F064765CBE401B0747CFD68C8449C7D82F7940E948A36999C4C8B327865B73C86C2FBB13D9B4561566B8EDCB07D965DF86DDCD709D0D09
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)....................................................................#..R4X.....~.................#...a...................l.......l.......l...M...l.......................................................................................P"......8...........@...........@...........0...x...........`...........8...............X.......(...x...........P...............s...............s...............s.......................#...0...C...P...C...`.......p.......s...........s...........p.......s...........s.......................................S.......S...0...S...P...#...........s...........#...............s.......................s.......S.......S.................................@..............E.........................{..G.z8.........333333..@...............8.......8...............H.P.................H...........@...............8.......8...............Q.P.................Q.........:.................@...............8.......8...............T.P.................T.........:.................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ToggleButtonStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):10258
                                                                                                                                                                                                    Entropy (8bit):4.560115668765665
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:KBgUldGcQW+S2VLSjsLnLG7+hNDMO+Q99Orr+MR4GmwN7Ghw2FNJ/6kDsSAT/l:KicGRS2Vgszi7Ih+Qmrr1EN56kDsbp
                                                                                                                                                                                                    MD5:6C045E9D4AD44B2868CFB552F60828BF
                                                                                                                                                                                                    SHA1:B8FF107C21CA58A23F3D849C625D269DF2646124
                                                                                                                                                                                                    SHA-256:49EC038431E24C713F223054DBE5A9D8D4106D785F5EE2D108B5FC7103C4C0C6
                                                                                                                                                                                                    SHA-512:6691A18B70C835A43B4B23095B31AF82BCCF0466F04A6B2FB6A3685A4E0F659AEDACFF53340B440500216640579B4DBBB566D28977655BA62387F23C2082CBE3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Extras module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in th

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ToggleButtonStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):19112
                                                                                                                                                                                                    Entropy (8bit):3.0806405770648277
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:YsqDcQYI9wCpNgxLqCU4zh3AFDN3+zxkzKmTUpjz5Jvb9hk2DJ9M+:/49BKLqCUO3AFDN3+zmpg1dBEz+
                                                                                                                                                                                                    MD5:37A875A70A5540176BB2331BC138686C
                                                                                                                                                                                                    SHA1:67598F96DC00335516454D909C0144221A6B13F3
                                                                                                                                                                                                    SHA-256:B1D13F6791A85302AB2C0C796C51CE61C7B10F37E946858C43E8B65F1DF02DD0
                                                                                                                                                                                                    SHA-512:B1406D00CD9AB9A8436B0B2CD79FB81D0CEEEBED340D805FEE8B6D6D58DE770FB00AC4BCB5AD8197C6F1C31048084DD9A55B5CBA20797B5205DB99862369C4BE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)................J...................................................N...."....5....................#...v.......:............................................................................................................................5......8...............X...........0...x...........P...........X...........H...........H...........0...x.......`...........@.......(...p...........X...............X...........8...............`...........H........... ...h...........X............................... .......0.......@...............P....... .......`...s.......s........................................................................................... ...............0.......................................s.......................................s...0...s...@...!...c.......s...`...s...@...s.......s.......P...c.......s.......c.......s.......................3...........................................s...................................s...0...s...@...!...c.......s...`...s...@...s.......

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ToolBarStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4448
                                                                                                                                                                                                    Entropy (8bit):4.635039369223241
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nC+SSVvj54cPQXJ5Vv2X4szt4fjFJZNnGeY4:KogUldGcQWlS0c+5/K4h24
                                                                                                                                                                                                    MD5:BE7A015302F2FD4F7A3851063C5C97A0
                                                                                                                                                                                                    SHA1:B412F4522F28BFCC30A59BC2283E773CBF64FDE5
                                                                                                                                                                                                    SHA-256:82D476FD3675E5F4AAF622EF0211835D859FBAD6E718FD5F100E9AC328EA4A0E
                                                                                                                                                                                                    SHA-512:46D3E7AE4B6BFDAD98B867615308801E590121AD78BA2DE5A2418439D9887E3075B5C24AE77C45A99BC6883B42A5979F26A24D082F65D1164391955F3100CD8B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ToolBarStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4316
                                                                                                                                                                                                    Entropy (8bit):2.61400987106961
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:SBA9XVOZmiJs/NqKCi1wHmmJkSxceOlnkE9sXQt+tQ1lsVphkT/Qo92G:4SlSrJslf31wHmukUAwtIlF
                                                                                                                                                                                                    MD5:016A0563C92EEABDA4F4C8CBB0DD66C7
                                                                                                                                                                                                    SHA1:0C378B76037F6EABBDC66525436021088A6E2106
                                                                                                                                                                                                    SHA-256:AB7E8AC23EDE538F60EED3145B4BD018BDFA555B9E4DCC6AA23DC9A0262B4756
                                                                                                                                                                                                    SHA-512:9E4BC7AC26C3B63FB306E453EA3E4FD614404F504168E344B1DC51955238BA9A9B241BC01E15C6EF9B632CE4D2F164400DAEA0B02A4102BD2848094A9836E8F1
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...................................................................v...-..u.....Fq................#...%...p............................................... ....... .......P.......P.......P.......P.......P.......P.......P...................P...........(...C...C.......C..........................................................@...............8.......8...............]...................]...........@...............8.......8...............d...................d.....:.....@...............8.......8...............c...................c.....:.....@.......#.......8.......8...............|...................|...............(...P...............0...X...x...............(...P...................@...................8...h...............0...x............... ...H.......................................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s.................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...P.r.i.v.a.t.e.................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ToolButtonStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4334
                                                                                                                                                                                                    Entropy (8bit):4.665613385293802
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nC+j+DIypJR9gXxXOXjQ7i1eipD+BrMX+sf:KogUldGcQWi+DIO4XxXujQO11+tMXTf
                                                                                                                                                                                                    MD5:E6F68E889EFF0EF731F480A5FDE7D338
                                                                                                                                                                                                    SHA1:8BE57E64A6B9F620E132B88E2CB363D94AAE3696
                                                                                                                                                                                                    SHA-256:195B734636F3B55789CC07BADA134D37AA256BE989D4BDE8E10456C598DEABF0
                                                                                                                                                                                                    SHA-512:D3F7DB5F8C64E07A2B764AD9BCDCAE6833B62F58ECAD81C88E9E2C413E4CF641EF3F334392972B8559CF0455154C1038AB21E267D25398510B297128093143AD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ToolButtonStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):10104
                                                                                                                                                                                                    Entropy (8bit):2.924174275372791
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:0AdyIxEVZgVG4vYJNbxHdfQHmRY2gNETu7EtYTG33nWy0Y+XN:0AdyIxOZoGAYne+W0SN
                                                                                                                                                                                                    MD5:15DED7FEB1E06EF760B72EEDC5E98275
                                                                                                                                                                                                    SHA1:874E85E63B79222E7E1A4496A5EFA880642E936B
                                                                                                                                                                                                    SHA-256:05B9B9214F2EDCDEE9A0524F299D24FDE570C5D53A723C3BCF0B7ADE3B4EC641
                                                                                                                                                                                                    SHA-512:EEC0FC6C4676C975F172253F641249A39D1745A95435ADD2812242CBE59760C9F5DA65CF041DE1381DE025CC3C372641D457DD083BF30BF0C9A35FF992413C44
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............x'...................................................D.|..[J...!.M................#...U...@...............X.......X.......X...J...X.......................................................................................x...................P...........8...............X...........P...........(...p...........`...............................s.......3...........3...................`........... .......s...............0.......@.......0.......P...c...`...c...p...c.......................................0...........c...................c.......c...........c...........c...........c... ...c...c...@...................c.................@.......?........$.......ffffff..........@...............8.......8...............3.P.................3...........H...B...........8.......8...............6...................6...4...7.....L...:.H&......:.....:.:.|.....:.:.|...............:.L...H..|..........@...............8.......8...............8...................8.....L...:.H.......:.......

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TreeViewStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2813
                                                                                                                                                                                                    Entropy (8bit):4.866384722770099
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9EM+suBXZ8XOCNI:KogUldGcQWau
                                                                                                                                                                                                    MD5:B6069EF62D8936486E3C0C6892B302AD
                                                                                                                                                                                                    SHA1:84051674AAB7B3A78B09980148B6923737CD55F3
                                                                                                                                                                                                    SHA-256:838C9D6873D47CED64C308981E88265F2CF80F42540B94411B28C3A5EF930349
                                                                                                                                                                                                    SHA-512:FF30D8E3C85C7279D325D142CD16C445E21D97DA06BD9FEFA24A27675E6A5068AABC7F0953FB328994F2F0CA7E3466DC5DF274141166CAC544A3FAD010A30149
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TreeViewStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5060
                                                                                                                                                                                                    Entropy (8bit):2.8276072694539485
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:BhYmpm/vsODRJB9bXQDe4cSuL7RF8NHrlAv4:ImpWvsOluISuoTC4
                                                                                                                                                                                                    MD5:534F52D55631397F01CEC619E9E5345E
                                                                                                                                                                                                    SHA1:DD2EDA795D89C9CC2FBEAA3D13DBBD45359D1C86
                                                                                                                                                                                                    SHA-256:2057C9A5BA4AEBE84B910FFBE098C7CC37F9EF629C3A348EA2B3CF20A71ED249
                                                                                                                                                                                                    SHA-512:F45757F36D79D1B3F7A8AC81C1175443F3BE4976A5A5EDE35F7C0C1BDA40B41CAC75A2BFC6EDA62F8A8072FEE153A7CF27FB73FA100C2B14B4583D4B2266C5B5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)....................................................................(.c8sUP..<.K.I.................#...3................... ....... ....... ....... .......t...........................................................................................(...p...........`...........H...S...............c...p...c.......c.......s.......c.......c.......................#.....................................@...............8.......8.............../.P................./...........@.......".......8.......8...............B.P.................B...........@.......$.......8.......8...............C.P.................C...........@...............8.......8...............4...................4...........@...............8.......8...............7...................7.....:....h.L...:..........@...............8.......8...............8...................8.....:.L..*H..+....@...............8.......8...............9...................9.....:.pJ...:.L...:.H../...@...............8.......8...............;.......

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TumblerStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):12873
                                                                                                                                                                                                    Entropy (8bit):4.629428348660201
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:KicG+pSto6U19Emc9W5gZddj3fQSiz1G6BrY4OY4Rwdr27rF:4GJeV1GWO/djhizI6BVOXg23F
                                                                                                                                                                                                    MD5:5EA000E9BF0E1CCCE4233B9BF5AC8916
                                                                                                                                                                                                    SHA1:811CC28DB468D3B5B5FFDE90E27EAE874B055372
                                                                                                                                                                                                    SHA-256:D23A90DB1D8B0DD7E49F7F83CF9C8BA510B2A14125A452F222F82068822457AF
                                                                                                                                                                                                    SHA-512:E79AE8E19F7C13E0FA744BE2E97A9C035A41244FEC17A915919544B5D193CA193831D4C0EC79F357A60B5F36A0E563F129CBD16B35313AC26BDDF839D7DA8CC4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Extras module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in th

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TumblerStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):14420
                                                                                                                                                                                                    Entropy (8bit):3.294718942358016
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:jjQBGdBHm+JFAsx1R1jbLLtV3VmUkrSs34KSjA:fG+JFBxiHIKSjA
                                                                                                                                                                                                    MD5:AD204A63BE5871E9C87D5D9A50F675FC
                                                                                                                                                                                                    SHA1:2B20A8B62836690C4EE7A08CD5F1A56FBF520B79
                                                                                                                                                                                                    SHA-256:CF8017E03F6392DA885B39F72482367107F95F9E6183D3AB483DEAD3190507FB
                                                                                                                                                                                                    SHA-512:DAD7D3F47811C2958FAA27ABF72872DFA26A160F682F5E6BCCA7D1BEBB84C2F0AABC708F9DEC964579C09082CAA015012C8052AE8D93E790BA776165A2DAB67A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............T8....................................................i...X....E.................#...s...................D.......D.......D.......L.......................0.......0.......0.......0.......0.......0.......0...............8'..0...x.......(...p...........H...........@...H.......H...........`.......x...........3...C...C...s...0...`...P...............................C...C...s...0...`...P...........................................................................C...C...s...0...`...P...C...C...s...0...`...P....... ...1...@...........P...........P.......@...........................`...p...p............... ...1...@...........P...........P.......@...........................`...p...p...............C...........................p...........C...C...............P...C...s...........`...........C...............................C.......C... .......s...0...............................................Q.B.....Q.2..(\...$...Q.....R....Q..)\...(.................@............. .........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\arrow-down.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 7 x 4, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):99
                                                                                                                                                                                                    Entropy (8bit):5.3926034695973195
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:yionv//thPly7tJXzRUyxlXsV7Xb+khWmj/mleup:6v/lhP8HUy8xPhLm8up
                                                                                                                                                                                                    MD5:9E26601B6D0263DDC931B562739789DA
                                                                                                                                                                                                    SHA1:CFA26B6B614F9434FE8CF4C332672F6A99F1E030
                                                                                                                                                                                                    SHA-256:0D0F06D0E93C8A2F28DA6838BB0BDC9B46DC79BBF0876DB9DB7DFD86B133CB9B
                                                                                                                                                                                                    SHA-512:198CF67FC584DB1953069D3BBAF7B5011B8C8A4766212DC22FD1F1C28BFE577102B53A31AA6BACC060FBD3D2719720CF61D67850975067E91DA2A09D956DF905
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR....................*IDAT.[c`......2081|.r.28.I..W.W .?D...;....b....Y.....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\arrow-down@2x.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 14 x 8, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):138
                                                                                                                                                                                                    Entropy (8bit):5.913104986410572
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:yionv//thPlZLtsSp/uugkuXrn7hd94lVF3G3psqA/75dp:6v/lhPGSp/uPz7L9Ke3te75dp
                                                                                                                                                                                                    MD5:2A3FA1EC3B03ED9B5FCF208CFBCA80AA
                                                                                                                                                                                                    SHA1:44629674E7BEE50279125EA993A253FCE734B3C5
                                                                                                                                                                                                    SHA-256:B78BA36EF95DEBB02D5216BC9A2B92F6A9EA20AE90D3985EB44829A358894ADA
                                                                                                                                                                                                    SHA-512:995E7BF9BBE1FFEFE0FF8382AF49721C493D71E4CAA4551C3AE05D13C3C79C17EA10066683310A8C3CC68DBDF5F7775AAC58629CF17E98F250F9FA0DF74393A4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR....................QIDAT......@.............,....93Q|.?.p8.......0`ox+.%i..c....'...|C....../x.VCI.`E.b...2....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\arrow-left.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 4 x 7, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):98
                                                                                                                                                                                                    Entropy (8bit):5.206412870756318
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:yionv//thPlJ4tJ6JYMsA98MCnAFttpTSQ0OoXB1p:6v/lhPst0JYMs0fpSOojp
                                                                                                                                                                                                    MD5:A2D915B434E9F0B76330C66CAC462E93
                                                                                                                                                                                                    SHA1:552A2047B07A7E4394A43ED34CAA1C4CF170809E
                                                                                                                                                                                                    SHA-256:E3EF46A5A48C488F2AF7E46440E28CBF292A8E640144DFCAF896682409994C1A
                                                                                                                                                                                                    SHA-512:825EAC978A84893C45F886EF947D4435DDAD7065C0783E9F6203C39DA27DA225DE64A61BABD550D40CA892D42B21CE79A8203D427B6E8B8DE5C7AB1374CB3E8D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR..............l$[...)IDAT.[c`..'.........d<.S@.;.W........g....i..].......IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\arrow-left@2x.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 8 x 14, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):139
                                                                                                                                                                                                    Entropy (8bit):6.070522563629401
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:yionv//thPlvfD4aFLzDCO6xdhMHo+cGaauHo28ydQeup:6v/lhPeaFLvC9R+cVTI28+Qdp
                                                                                                                                                                                                    MD5:34CFF14C6287AA225F809A2B394BE44E
                                                                                                                                                                                                    SHA1:7B5C7F8A2C484D118E958CD9D366CA95FFA01B6F
                                                                                                                                                                                                    SHA-256:C5C3D15C8CA417E66569FDFD69EDE83F6A9F338524E55C21FFD86F11880E4C8D
                                                                                                                                                                                                    SHA-512:05A19D498BFBA572CAC54048BA7F4C6CDE7D3FBFCD0EAE6BBD6C344A3AF56BE128DF7E06C95632C24752781708515ECA7C775D0EA9E705C700215B8B81A6C1FA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR..............V]....RIDAT......@.C.w..@..-.....Tl...AT\b..b....k.....F...Q..=.1a.L...."...S..wjI......<..#......IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\arrow-right.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 4 x 7, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):99
                                                                                                                                                                                                    Entropy (8bit):5.230333101040782
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:yionv//thPlJ4tJ6JYPBxldLmKXEUvsjlkojg1JU/1p:6v/lhPst0JYpdKKXEUZojg1Jcp
                                                                                                                                                                                                    MD5:1480A736DFBBA89EF423FB99829C8C30
                                                                                                                                                                                                    SHA1:58327CF559EEBB4F88B193090F5F7E528C0835AC
                                                                                                                                                                                                    SHA-256:ADA31CABDF339314064F905EB072A0895EC07232E8287A9A22BA82A34FADD378
                                                                                                                                                                                                    SHA-512:AB4AEB77294EC83484A4352D8D51BAF7A41ABFBE3C940F7BA9A04BC6114FDB6DF146FB5A40F1A47D903DFC46C5641A9FF09DE632CC2B6E950D82FE5A8DA6E3EE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR..............l$[...*IDAT.[c`8........2.B. .;.........F10.P.....:.......IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\arrow-right@2x.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 8 x 14, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):148
                                                                                                                                                                                                    Entropy (8bit):6.179148904370533
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:yionv//thPlvfD43Pl9k0yonHpjv9cl1n2KWT7D3EutkXYJsg1p:6v/lhPe3Pl9kc9HrVWKp
                                                                                                                                                                                                    MD5:32BF30A66C6FF87ECDDDBB59D974FEE6
                                                                                                                                                                                                    SHA1:4FB8DAC785E763F3A629497159EFC6AE94455625
                                                                                                                                                                                                    SHA-256:2007018F329B461364A4E038AD5CA032152A3D25B06394D32E1BA1EDBF2DC27E
                                                                                                                                                                                                    SHA-512:D374181CEF3B4D66C599FD9CC12BBC12F161CD1B5EE4FE2516CF9872280ACB914116C4EC896A180C9B0C6BB879B516E183FC9CF3DDB159611417A4A17C617971
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR..............V]....[IDAT......@.@.Q.0...hK0..l....LD.>.....X..`P...^B..B.. A9..9J..?......xc.|b....;..0....}8.$.Tg....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\arrow-up.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 7 x 4, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):112
                                                                                                                                                                                                    Entropy (8bit):5.6716991238441095
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:yionv//thPly7tFfJ2Exiy9ofXhfNy4hZYDxDJnF2g1p:6v/lhP8xJj0tXhfNy4PYDxVF2up
                                                                                                                                                                                                    MD5:BCBBB04747E7558F52BC6D92574201EC
                                                                                                                                                                                                    SHA1:29FECA33E341D21367DDF0055E016377F2A758DB
                                                                                                                                                                                                    SHA-256:D06DA849C008079507F4951696C0C049D080CBCC05D757055D8C98EC23C810B8
                                                                                                                                                                                                    SHA-512:7ABEDEBB35119549443FB98CDC9D9C1FFABAE951C3554A992CB84585A9D51A0211E198FAC33D41E0859494057E3FD35BE1AD904995921F34A191B02E8474A5C4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR.............B.%}...7IDAT..]...!......[.]\.&_......D.hXh.U...b/o<!.a......&.".,.......IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\arrow-up@2x.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 14 x 8, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):155
                                                                                                                                                                                                    Entropy (8bit):6.234159177694252
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:yionv//thPlZLtsSp/dseJ00onnXAeqgLiIJ3KgahBctIgjauoHSXB1p:6v/lhPGSp/u50onnXAeqEiNfhOQyTp
                                                                                                                                                                                                    MD5:BB0A46E6C1771A779201A47145C61ED6
                                                                                                                                                                                                    SHA1:2CC14C4871251DA64879C921A6F2CFFD8E5D397A
                                                                                                                                                                                                    SHA-256:E3A73C4AF918665D2FF75FE367E207FD71AD96FF9502D5120586A92D4076ED34
                                                                                                                                                                                                    SHA-512:5AD68791A5FD50C9A38988AF39D1AD9124937A4ECF925EF9D65536B7108491BCE7EAAF3D84B2C70A3D19EF0E5F107AD2E15EDEE40129B52A60BF0F91C9489F52
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR....................bIDAT.......@.E.CzP.S...2.2%.....I.$>..w.R...S.k~...R[._B.X?P.bhB$...2.....E..j<...........8....../.4[....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\button.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 68 x 30, 8-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):554
                                                                                                                                                                                                    Entropy (8bit):7.052906621637133
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:6v/7qFyVzV4Pd4BWgpKNoqW96qWd6RDk9wavyjl7LhYjiBflJg/:ZyVOCIgpKoLchdQk9wr73BNY
                                                                                                                                                                                                    MD5:7D2A593CE15F1C18ABE05C4BE7B623FA
                                                                                                                                                                                                    SHA1:FB6D3E41F21C23B430C91B08477BCFE78BCB0409
                                                                                                                                                                                                    SHA-256:BE15DA1B5DF9D4DB06BBC55673731E3FDE23E82A3983AE7A560B9DA1203A65AD
                                                                                                                                                                                                    SHA-512:F317EFB953B2B50A5F321306D6870679CEC8FDEAF660729C616ACA070474B9A47B4DC1125FAE56CDFF5ECD7C9EE73FDC982CBED0FA5AED1B633B5A3BD2056CDE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...D...........H.....PLTE..............................]]]..........................................................................................................................kL,|....tRNS..........$&(/0...............&IDATH..KN.@.D_uzFb..F......!F....I.1..E.D......^n._.....=.,....4.....Z.o.z...2.s....{....."22.J........S5..1R....yN....p..Sd.i@......x......a.yN.u.JV..Q..I.@0...s.l..-}...n..m.N.........%46D J...L {>..c...[%>.k..h..>.c....*...s.......l.....5.V..Yj.l`.,.a....f.........>........?..]-.?.....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\button_down.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 68 x 30, 4-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):203
                                                                                                                                                                                                    Entropy (8bit):5.889660105398947
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:6v/lhPmv5bdss/YbwxklpLO/KYmufyYFa8up:6v/7Aq9MizLFai
                                                                                                                                                                                                    MD5:30086C443E196DC76E4B63449E6EAE76
                                                                                                                                                                                                    SHA1:225856C88F9C9F27FB7EBE7FDD71ADCD11DAA228
                                                                                                                                                                                                    SHA-256:292DA1564CEA53FC63203D0184FC0F2849C169AC3EC948A0344C31B674ADA3EC
                                                                                                                                                                                                    SHA-512:B3DAC0E218C50D5CB8984EF670390C602D8F427E45599D2CFA12D89E98620A0EA60BC0BD7D02AE27E19A6596A2CBD013CAA962C80B2457DCB0F9DF289AAA59BF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...D.........g(.....0PLTE......III.......................................\..\....tRNS.. ......?E.d...AIDAT8.c` ...f.....{......8....&0p......0.dT.pV.NX..a%.....V"2=...{g..d+J....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\check.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 10 x 11, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):176
                                                                                                                                                                                                    Entropy (8bit):6.151672179013188
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:yionv//thPlH0tvl/24hGnlMWnZ/Cy49V+tVq/26yVjk5xoNpfKZSKVglzfDl1UQ:6v/lhPOtvI4hbgZ/CHV4EAVjCo/fRKK9
                                                                                                                                                                                                    MD5:B4FABDCB9968F11AD8F464A0DC1E195D
                                                                                                                                                                                                    SHA1:F6B40549F93AA73DDA93965D494704F51E2B2AE0
                                                                                                                                                                                                    SHA-256:F47290E13D80210EDBAD66771068146D2C2B81FC444448CAD4DDC5D5FAF733D0
                                                                                                                                                                                                    SHA-512:A9BB46B285499E40AA6B0D87C82A9CCFE925B30D28DA7F0B2099CA8DF4365211664AE4BB124B3E857F31222DB320F08CBB1F363EEF209AFB7F4FF80CC5E93E4C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR..............g....wIDAT....!......s.@&ZW..m.p7X.....X1Xl...a......'.............Bc..;.5......H,.....]..:+..Q8.h........^.........P...G..J........IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\check@2x.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 20 x 23, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):417
                                                                                                                                                                                                    Entropy (8bit):7.342741240452635
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:6v/7+askHuEhsylgrZWI11YO1JnSC0wgDiIOHt:zkHC71REZCymIw
                                                                                                                                                                                                    MD5:94E4C2FD0E6F3A5C2F5EFDE68238F52C
                                                                                                                                                                                                    SHA1:5A5756076EB42B6B19C047882537CAAF0ED999FD
                                                                                                                                                                                                    SHA-256:F645F3D5464155BE90FB470BFBBCCCB0D4A821B1BBD7A19CFDE462353387FC78
                                                                                                                                                                                                    SHA-512:71835DF6CF370E14C7EAF03C69565CDE8F3FDC31CD6A53E9E8596B89AED203925A73B18FCBCBD5ACC0E1D949F4779F4F6A9A02F71A8F75F451A0DEBFFE96EDAA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...............o....hIDAT8...K+EQ.....%dx&...........@H.H2._..m.9.EQFF...2R.....Z..n....}.......P.W3.>..".....k.../.B].di5.`A.Z.&.B..p|..>..+...%X.7..Y..VpY......0..5X..}7.......w...\.....[.8.A.Z..d........Xz#..VwF..O..eX.'.......(.+X.<}...]...*..\.T..).:.&&*...t..p...A.[..<.3...g..:.I.d..e.?Q.B.......ju)9)..y.....@.w.!\7`...w%E..z;u=...S?....r..c........~...K.[..]i...".....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\editbox.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 68 x 30, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):416
                                                                                                                                                                                                    Entropy (8bit):7.3708761233550355
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:6v/7jpJOtqA0d8rRVFTfOY9GX10ykOv9jq3:uHexrTdfH9GXRksq3
                                                                                                                                                                                                    MD5:36929CFB5F181721B79C0027AA0C7A66
                                                                                                                                                                                                    SHA1:0CBF1BAB50D4CD36987BD5FE5C621FB48AA5B8CF
                                                                                                                                                                                                    SHA-256:B206EE4D86B6A279ABAADEF8D674495066BCA353479BF4EA7ABFDCC645FFC3EA
                                                                                                                                                                                                    SHA-512:9DF12E1BFC96A3C879551B624C1E07A3D04A29B42E206C06D8193BD1363F36459C2A4B2CB8D19D322FCDFE2CC61B42787B35F74AEAA10DE7654AC5784E3F5B30
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...D............#...gIDATx..1O.A.....3..X....N..7..C...11...*Z..9. V&...,..F0h..n..dw.f^6kD....0.n.l0..Y...H..:<.F..8........Z.f...[..,...7...m.v...$...].'.(...y..Jahs......`....|.'~...... r@("Q..Xk..n\d..aC....#........[&f..l....s.........D.QA.&H.o..gW.hd42...!...D......FF..=D....G..b...0..3.....T*..x\m6...v...i.d2.H?...z.6I......-TD..(.^.......9...#.T..".+0.........1[......IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\focusframe.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 65 x 30, 8-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):271
                                                                                                                                                                                                    Entropy (8bit):6.184821585791818
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:6v/lhPqIltGmQ6dJq3El3YciKebcww3dsdtOG04tN3VwjKJ1yvRp:6v/75Mp6SElom2StstVVweJ1Q
                                                                                                                                                                                                    MD5:71B79B7CC09908BA6F8FF40C0EA10510
                                                                                                                                                                                                    SHA1:22388DD933F089701310845226EBB790B7EB8513
                                                                                                                                                                                                    SHA-256:DB272A7593D3CD66AA2BEF945C96ACF62BC0BDFE458E11CE20C72BCEF5CCEACD
                                                                                                                                                                                                    SHA-512:AE1570ED60A621BB14B15DAAF20D65838EF81B245F1014070135B39CA5472442CC53BDEF6024834356C30608FDC087D543FF93392BB5C0E464F26D14E3D5BB7F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...A.........D.U...EPLTE....f..................................................r..q.!7..8..9.a.'.....tRNS....#'<<=>?@@ABopp.....D......bIDAT8...... .DQ.".c.H....<......p..j+...).Of.....!..{.....2..m>3.`..&..p..U.[.z.....'..".HE.zH.}?...oB.6....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\groupbox.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 98 x 38, 4-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):225
                                                                                                                                                                                                    Entropy (8bit):6.052488438839991
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:6v/lhPMa2sRVg7hr/2ztQ0gVcP04F8jesU/Yp:6v/708odRHBVjzv
                                                                                                                                                                                                    MD5:A78C4CA79750EA1BCE8914B870E7E5AA
                                                                                                                                                                                                    SHA1:F7A96194B043C552FE9259934B9A78A8AA625601
                                                                                                                                                                                                    SHA-256:4470E834BF1A8C2EB025D651ED5BBC71681AA898388AE17F8B276E8AD641A0B8
                                                                                                                                                                                                    SHA-512:2B839324A3247E0E4AA20A283541C4037269A197874CDD99FB53E68641A67C8A9B96A9D1036FB3D087BCA62CFA77BD77684F8CAE6C389717B48DBC3597B9E0E8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...b...&......BSG...0PLTE.....................'''^^^ZZZuuu]]]lll[[[fffbbbf.K.....tRNS..........244579.^....PIDAT8.c` ...YE.X...........Q.$...eH..+..E.th....1.cT..z. .l'...m%........zp;....DL......IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\header.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 21 x 19, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):383
                                                                                                                                                                                                    Entropy (8bit):7.316897675335883
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:6v/lhPu9jK09x49vwpNyNSa7Rb0BA35eP6VNoqxQyNZ3JBaWCFoa8akWWvRJyenr:6v/74/EaNQ7t0O35ee60vOLSa8bNRMer
                                                                                                                                                                                                    MD5:9B795F12D86235B8053696F858CFF40D
                                                                                                                                                                                                    SHA1:E7E36F304EB356D5358A422A1C4AE5CACB4BEF19
                                                                                                                                                                                                    SHA-256:FEF52D00A955B35D50FAAFC08C9F0C6C55D4BC35B01000200E13DB44B59EC9BD
                                                                                                                                                                                                    SHA-512:4A0841C0A1BFD03DAE83B5B991C069CD0BC34FF06A4C990A189A3023AEC494DEB6AF376A94FAAB9E2BBAE2B4147AB67447768CBF39D2CC67272623011C602456
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR..............NF....FIDATx..K..0.C.....9J.VD..%..v...D.m.$..i.~.~...m.u.8.m0 .`...+...H`..E....".'].xygd....V..".. !L.0......%!...T..yK4...u........a)\..Be..@JiV...D.gM...J~.BI...R.....,`.5......k7...".8|j..@...C..~1...i.{...D.N.M..G,...hh5 .>v.)..P$YQ../w.{.,w.ii+..R..j)......6.l*.._...........J..*7..r..&<-.S.9..........(.q..7.-....E.c....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\knob.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 58 x 59, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1703
                                                                                                                                                                                                    Entropy (8bit):7.847758130427772
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:rmAlUclYkw8yHr6gUjDQoFT5HfEQ583AS5Nou:rpWclZyHryVXsNQgF
                                                                                                                                                                                                    MD5:02945439ADC155CF30AE30BB93EC490E
                                                                                                                                                                                                    SHA1:3CA68D3D1410EDDC124876F36433CC888172A93B
                                                                                                                                                                                                    SHA-256:455D05DDF72D76B5A3C8B4633FB19493511DA4E04719D308DE7A7F152B516B6D
                                                                                                                                                                                                    SHA-512:FCD330CB079AE3E24D2664384AF53A4E1D76AFC1E611B18B488EA037827A1B0144195B038B8A4ECEA80ABC6922AE3CF5A0B1321DB3EDBD85DA7647FB219601F4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...:...;.......Q....nIDATX..X[l.U......H[E.....5.5(..`....}PcT..M..E..>.`....$..I.I....1"BB...!...i!......9..;3.?g.rQH|`6........7...]...&....[k..k....,.z....].P....H.\,.7H!.[..t.;...k~.]........y ...... ...O.U...*V........5...U...1.zr.'.s3>....z.+ $.P.A.h.....:.n0....2.....'..&0..$.f..4C...4..yr5...O..........P......zr.4a..T...\.Pd...../.yG.W.....*..\.').+E....1 1C..7.._...T<w.. S.6$....._.........,.x.+....C....i.LLYr......2....5.X~.N.....?.GDa.NH.v..|f.X.a.f..s....)....M.5....i.N........,@.F\.<4.....}.O/m.....G.h._...]..r......p.....U~^;..<...s.@.......[.,.`.W.,....`qP...*..C,.:./.M[W.....~..Wi%.....U...'xb.F..o.4.Mo..`.]..K0.8O...Pc<M...8....R....\CC9.N.Q.1....y.......H.h&Ft.......G:.-X....aztn.a....nb`I...^.g....h{..j....3.. .h)}.t.$.PFA.M..-...l....R..V......Q..M.....:4m.1U%..W...9..6..9l.-..l@Q/.LM......u/Y.........=4).s^y.:9.d...D#.&.J....Y...1.....a.J..&.%.\z.....<.i*.j.^........7.1..m.o2.....O..P.=..+..D"..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\leftanglearrow.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 21 x 33, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):206
                                                                                                                                                                                                    Entropy (8bit):6.337291568109683
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:6v/lhPHbkIstUxG+21n4eD+m4NMEFtoMSjp:6v/7PT6WG+neD+PjM
                                                                                                                                                                                                    MD5:A6F7DCBF0C95F2EA039AB48656F697C5
                                                                                                                                                                                                    SHA1:21AA8F782F61D6FCC2DF6A473952D3CC429A1D97
                                                                                                                                                                                                    SHA-256:83D96C6CF82EAEE7684DC663B3072B10CEE5C1B3C9F9F1C49FA7BA32CFFABC40
                                                                                                                                                                                                    SHA-512:5293FF25CE5E37413F19CA752A993E6B1EA22D553EB6BD9796751E94D82DCBCA1644D608B0C50F7BDA426FF78F110FAFD9BCCAA73A0E8B4FFD6261788777BD59
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR.......!.....6..-....IDATH.c`...............b0...@C?....S......4..Q..F..D4... .S.....(.e..o..~..d......r@./...H?.IPJ...x.. ...b. ......2p.`........A........FU...2....n.O'.5......IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\needle.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 17 x 201, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2036
                                                                                                                                                                                                    Entropy (8bit):7.7960008441887965
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:L8S/XFZMsP9ZpnE9JiXKfZq75Yk0ylh5a8Z0p8f+NLcb:5Xw/92Qtora8ZtWmb
                                                                                                                                                                                                    MD5:2DE13EEA606A194431BDCA46C69B9D66
                                                                                                                                                                                                    SHA1:AC820D4142AF9CB8DB6091760F00E818A37F471B
                                                                                                                                                                                                    SHA-256:DE0BD47828AB9C6929A5452D96B5C6AC13B99C0E3FCC159C885EC15A4CD3E2C7
                                                                                                                                                                                                    SHA-512:5C3245BA2257244CAF686C0C5B9DC4211208EB33D1BB32F8EA64F7DCFB613FB57F1064C928A2567CE83524D1995F20069EA5B8E4B2F2FE4DA9267F746D0D3D08
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR....................IDATh...#E........@...;.TH....C.@b?[X...F..r.f.U...u..F..(.T\..\.n.....sq.... ....O.[.<....A8.....?.u.....".....'.g..k.8....E.=.....~..*XpI.ac*G.Ok.#........... ...Dp. ........c.....K.q...p...a..*p.R.,...K.....@.m....b#A......F,./.D...9..D..@v'.O....Y.kch.{..i..>...$~H......7i........-A\..~.O..\8....>..K..}|....8..A'...!.t..P...4.|..}*...nZ.w.t6..&..O...3:C<..C..~.V,%...].y...I...O...S......h..'...\....|.,.~a.AlG...y2...i..vu.....'..+.8&`...:.x........S..X._.9..9...\z%S.b..I........AH..j.Pw-v.Ny..!.y.y.[...V.+.nr.Oy....j.......e).[.......2.M9V....N..6....D..u*wd.%y...em.R...@........p.,r.x..'~.'T.$.I.n+.....2...Z.........F....pE}.w_C..5Z.....O..8.O6...d..N......9O...Ci.K.(..jg...I,..J.OE}r..8.W.<...b5.x..d./y.Dg...'<....U..gL....W.d&.).r..'...jy..'D....j[K#..K...,.kS..O6.'V..t......K..R.....D..D.}5.-".5[...jG:_.X..f.K...".D@%Oh....B._..F.Q..e..J.X..6.}....Hdl.U....\..}.i.J..f1.....K..<......[....(N.wRX..u.Zr.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\progress-indeterminate.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 60 x 38, 8-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1453
                                                                                                                                                                                                    Entropy (8bit):7.436248461607645
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:pGy3OXplLIOIs/+mexpuYt2M67hZzPZgOM7c1glYa83T1QRLgqIgqJpa:pG7pVIE2mebZgzY7c1SYbRQR8Vgq3a
                                                                                                                                                                                                    MD5:D6A834191405EE2D93AF835999A0F3B0
                                                                                                                                                                                                    SHA1:7707D93FFD845E9A4EFA36DCF054093F6DD3B6F2
                                                                                                                                                                                                    SHA-256:10DD5915F0352AE3A58B1250E449660537AB36FF0B70DE6F54D3E22AF4EDF0D3
                                                                                                                                                                                                    SHA-512:A45F058E954E7CF1F9DC3967CD0D150706DC5B9D3339F0B4791610E5CDB59035B3F8FDC2F812A7202AE40A5AEE0C5EAEF0D893F6A28B6488845B33B8B885982C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...<...&......o......PLTE.............................................................................................................................................................................................e.....?tRNS...............................................................k>/....`IDATH.M..r";...}..a.Y....!....-...k$...U.QY..#.(..D...w.......,.H.{.Qh.)..iL.R...9..5(qx...>.K.5..y...=.$.Gi}}kS2..|J. h1.$....R+.@.>.M...9.p.....Y*E,P..!.<..!@....M(y.V.%.\...,/.J.R...O....5xs.........;..K1.p..D`...3..y.W:G...~...zY.~.|....j....s...3.e.....\...B]1<HC......>..I|f~...2..a../..f./.>...f.Z.>.$'..U?..8f.Yr.....Ii..^>|.........c...........)....~.-.......:..?..Mm....#0.|SI..:Gf..J..P..-..am6.~9.7.\d.k...Ed.n+l.<....'IL.G..........V.y.)-..._.3.9y..s.7..+.$..V..9.fdf....T..g..FPo..u.]U.Y..E...xf7o..........*..b...gF}...I..z_..K..y.{...1{..O7[<3...e]...~s...\.".'.7'.....L..X....a.75L.4H.9..lt6...$]x...n...WF.{1W.s.d...*.3....ngE....r..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\rightanglearrow.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 21 x 33, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):228
                                                                                                                                                                                                    Entropy (8bit):6.39399325133142
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:6v/lhPHQWw/kIWhbPHHmIqHaPUdUA3x3y9wuTp:6v/7P2sIWbPHI9dUxR
                                                                                                                                                                                                    MD5:01D831D0914774969825F38B3B9C7211
                                                                                                                                                                                                    SHA1:380F64DCC9EB7B2279F341A5FCC0BD95C941FD39
                                                                                                                                                                                                    SHA-256:CB264368C0D4801D4DB4C56653F57671D042C591AE24824C62E24D5545890DE7
                                                                                                                                                                                                    SHA-512:15A13F029B81CC824D46628E80B87A6807A534B658BAE608D67642AC7F5A961E6019CCD795F00FFD6301BF4BBC2678AFA6F2E4592E762D92954839525D78AFAD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR.......!.....6..-....IDATH.c`..`...GM{@....@,H-...=...@LU.5F........,$.F...Aq.h...J....{....+.+.1.0..d./.z.@...i52.@..*.A%.......).....JP0P.F..g.........%Cp#bp.!...T.8....<......6...;....OB........IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\scrollbar-handle-horizontal.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 66 x 17, 8-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):825
                                                                                                                                                                                                    Entropy (8bit):7.181170546983538
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:6v/7bjVM6O85n9u1pA5bNNRQ6gQTX2Eu2i2V7WaD+E9yqw77POBSNVYk4w+7Q2bp:CilanypGNRQ6puE7Wa1yqk7PMM2bBtS8
                                                                                                                                                                                                    MD5:98B77977A191E201FE872FD67EEB76CC
                                                                                                                                                                                                    SHA1:54DAC271DEF15A91A448C0BB1D81D1EE3B7C831E
                                                                                                                                                                                                    SHA-256:EE8C1C4B11E8A4A50B08D7597583A0D3CD74E7CB9B77DE47FE8CFEE71B3E4B5E
                                                                                                                                                                                                    SHA-512:EC25398A9B34192A6BE506209F071D0F06EE567FA898F099D9DC9ED97A547D32DA71CC7D55452E7B1331204870E76831D6995BE04A5103D8175784E3E2EDF41B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...B.........^......&PLTE......................................................................................................................................................................................................................................................................................................k.......tRNS.................IDAT.....q.A.@.WG....a...Xf{.b..0.e..p........l+.>.TI.nVb..)>e.*..L$.w^XI{..w.$$.6X%.....H...n.d.C..b.u....r.......HJ:.xW#........^.U..E..^..m4..RO5.y[.....|...v.%.a.M.s.g...z.B.ddj.A.Z"..|..m..ln..'+<y.%....<6.%b%.rs.8.h.4l..nA.9pq..'7m.....0PL.......(.LUh.H........8.....?M.&.-...^L..3...0JYzI...L.U....S)>..h..P}.k.G..dm.<E.........mPy..a.^.W./.K..f...h@g......."d.YhC@@.ln.|......+.jO...FH...(i..*.. ..!.....;.#..3*....DD.h.t....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\scrollbar-handle-transient.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 17 x 17, 4-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):153
                                                                                                                                                                                                    Entropy (8bit):5.417362301449934
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:yionv//thPl8DBry666666JRl/hkegCt5hGZgg1mmmAplms2mEKON1jltB1p:6v/lhP61ry6R67DKqt5hElHmAplP2mEF
                                                                                                                                                                                                    MD5:A134D237A48910A55C7AE34FFD5ABA46
                                                                                                                                                                                                    SHA1:DB72AA287A8FDB2E0CC0FB778AA7E9F2CC5B0E1C
                                                                                                                                                                                                    SHA-256:BFE3263258A144CD9D2B85B6CE4CA15614E6CED6BBB263759DEACEF83C61CE92
                                                                                                                                                                                                    SHA-512:B4BF5D8BE626D0B3980441607F2AA00A370CD70AA06B5187CEACF4C45A8F6A168C09FCC86DBCB47802EAE891D666E14030E18C9A1AD98F50DCF15E608E8AB579
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR..............CZ.....PLTE...............5@......tRNS.Y.........5IDAT.[c`@.F....C.K.....B`..#..3......a.P.B....a/.[`.....%..&.....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\scrollbar-handle-vertical.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 17 x 66, 8-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):839
                                                                                                                                                                                                    Entropy (8bit):7.084145875349208
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:4PJlanypGNRQ6pQlBL5z13aTkITPvn4ymZnIohGUa:4Pgyow6pQl5V4FP4yshra
                                                                                                                                                                                                    MD5:37CDF30009E9CB143DEDF765F1C55BDC
                                                                                                                                                                                                    SHA1:6FB1DB37A28E11B8DB7311BE340E64B89FAA6D4B
                                                                                                                                                                                                    SHA-256:329501784A775761531C0E82B2E74CC9CBA464C0A38E93DB3323054C5F117D56
                                                                                                                                                                                                    SHA-512:1A52BE2341932150206B7A380B444EA23E3452CC4570740E11119DF67B2A554073971C079DB2794AEFF516CF0E608266092252F685E2D674FA51293DE90DF8E3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR.......B............PLTE..........................................................................................................................................................................................................................................................................................h..S....tRNS...............IDAT............'%]rHu.0U......gj/............_.s.._wgr..=..$.=?(......".y..4.Lw.6kT.K..dl..xV..*af^3..X.:.Z..q.u7...5s..F.}K..Z....Z......s.b....q..y.. ..f.. FR.['?........N....T.%^.Y...=.....c....`.N.{..@,3.w.xT..7#6rG..% .....^......j...V.M..8.....8G.....[......G........(..g.7..[.t..D.a_....+...m..r4ba..M..vq...EX..{.. .]..a...M.....Q........}....[......~u~ .>..cwY...G........zh..f....s3.kf.x.ywtz.#..z.v.8...3...{....w....18........A.('X.H.....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\slider-groove.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 66 x 29, 8-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):565
                                                                                                                                                                                                    Entropy (8bit):7.197419983507909
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:6v/7ljaGgjivMGmrAQIZmxE6LeyqcKRKAq4efxVi7NU5LCtfGQmMcSQa1I:mjdsivbmc1cLtjFMNJfTmF6I
                                                                                                                                                                                                    MD5:2F055CC607C1CFD46EE5AABBB1672353
                                                                                                                                                                                                    SHA1:D1EB517C6276C6C3635B075728C1F52E4027F796
                                                                                                                                                                                                    SHA-256:D2BCB94DDBCB5803B9270F782ED52C7B6E0D1FA9AAF7DBFE6E41971C0CEBF46D
                                                                                                                                                                                                    SHA-512:734A7B816B541C295BD51FFD1AF7A601E62594C07B82B9FDC4706CFCFE84D59ECC22E5F35205ECB5883FA8C5B71A4BEA6A6585DC8ABE073865461168617455AC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...B.........)RJ.....PLTEDDD........................gggnnnhhhhhh}}}~~~iiilllnnnpppqqq...........................................................................................................V....tRNS.FG\]]^lm......|W.U...0IDAT8O...r.0.D..-.W...ev.JV.. .-...: k......o....._.y..B..q........oK...=p.........q.....!]...8r.c_d)...b.M.`.....qTw.....@..4.ZQ.....H ..8.gn`%..l.....!.c.@r...-...L.0...w. ...)O.zY..g...t..6..j.........s.\...s.,..^.-..q.c.[.nWy.-........<.;.x....Wt.g.....I...u...0.G"..t...].9k.....).3.......IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\slider-handle.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 68 x 30, 8-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):524
                                                                                                                                                                                                    Entropy (8bit):7.0709053737113985
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:6v/7qFyY4Pd4BWgplmtiCGbtSyZ1ddm5p6Dhovl+4cg/i:Zy/CIgp+oniDvl+Q/i
                                                                                                                                                                                                    MD5:5E45C866A18ACB5A644D250701644FC8
                                                                                                                                                                                                    SHA1:2A7CC87A8182CBEBE930F0050E092E77978549D0
                                                                                                                                                                                                    SHA-256:C78405B156497C8E84ABFCB97340FFE1CEF4599DD27C3EC4BC8FD282F90B556F
                                                                                                                                                                                                    SHA-512:33D04F540D12A90F968BCE8C647FAB409AE88C638380E11F031907D05A10DDF77414F2AA4C579B2BB6E99B6C47647819DB10D74D83B596058FB3A25C4F405CBA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...D...........H.....PLTE...........................III...................................................................................................................tRNS......... .......x!.f... IDATH..MN.0.D.........%....'i.5...S..=..j.xpb....D...~....e.wP..S.5^....8:..p^...s.."..P.....AV.W8E....S5..1S....}..d.S8T.%r.4..Kdz~.......i.}N.1K%+P.(.$d XnW...9O.B....c.(x..m^"..y.q.\BsC....e......l..b.!..]Z.6.)N.b..."..#...34.q.Df...:...T...[..iJ....8...........;D;.H......].D.....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\spinner_large.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 128 x 128, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4723
                                                                                                                                                                                                    Entropy (8bit):7.85765721156218
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:lYwiXFuqU3B7ZKDogixWMKvubbolOJi1JTrLEFDWI4gGI:l1iI7Zao+MKGb2OJi1JT36J4PI
                                                                                                                                                                                                    MD5:C27FE30DB418E02A6373E9B5E5B5647C
                                                                                                                                                                                                    SHA1:713AC1F8D6A98301BDF8AB4B0EBFC7AB491F8D3C
                                                                                                                                                                                                    SHA-256:C1FA1F01861AB7BB548BEDD730A4B120C797987DF10CF7BD2809544387C7AE1F
                                                                                                                                                                                                    SHA-512:D7A434C360FCF97E2C17482ECE0A43EF987D32AC5E71A1118F9FDA98CC484998D2024F5BF37311DD012ECDE9B5ADD71D556216AF355CAC39D42D5C2897A5C0ED
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR.............i7.@...:IDATx..y@......E<A. j..F...).,. +..}.}....,..r...).b.. H..l...54}.7.M.Ic..^I...........3...*.n..G.)I.....{f.ay.E...[....BSC^.i.......<.,;...WES.Q.``[P.(3 8.Q.]...W..6D..R.."n.......wC.C^.y%.UL..k...^...tO...7....Z@W@n..h...O...L...1..2.).....L.............W.eb.6y...N........M.0E..S..}..~o..9._..<.....9.dL{.X...q. j...#P................3~...#..&..h..S.b.bn..Fc....@...x.......;._.......4...........@%...........0...J...S.x.S.1.7..n.....J.?..@n..b.r..b...}.x.q.%7..!.7..q.r.7..D..[.:.U.@.@>...cz....%3/Z.'<u....@ @.......g.k..U.x..}...3.|.........._..H.....,.....@-.}.........{..j.g..zj(.:..-.p..[...R.@....@.....k._...W.h..>Q.0$.p.....3......... ..3................<M..~..DI.5LJ.\.`l..9.......'....z..._.OtI.I........0.....-@.. .PV.....<./.u.....{......x..IR....t5i@..Y.(....k...uN.....;..{4..G......~........0J@Y.. ..b.R6.....S........{..y...6.4... .Q.j..%..An.....).....G...~K.a^.~....>.....3@.....;...=*.d...s....I s5...c.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\spinner_medium.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1621
                                                                                                                                                                                                    Entropy (8bit):7.8462829500141025
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:DM70+IKZfOaCF+eC9c2W+0lXBPcFnWFIJ:DM70BKZGa5lczMJ
                                                                                                                                                                                                    MD5:BB0FB3EFECC4C2BC51011009116ACDD9
                                                                                                                                                                                                    SHA1:B6BCFD12A2A045D08FD3D37EF99583132A883952
                                                                                                                                                                                                    SHA-256:0F620F218012ED6FF30809046CED5CA372327454B59C0B4D9501639BBFFD3CE0
                                                                                                                                                                                                    SHA-512:CD454AAC39BA774A47A7A0098BF5540B1AF9B7B9BCDA9F9258945AC1550E51E83936DAD3B6C8196E430B52338859731CC0262357376027D38F890C928127DA80
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...0...0.......1.....IDATX..}lUg......8hi....24.......E.d..Pc]..C...Y..[G....-ALt....$h4.Q2.2^........H.....{.=..}...{;....9..s_.....=.9.s.ick6.Y[a..akB....v...o.....7......7.sZau.\...w..B..+.W.....V...z5.YE.. 8...D8s(.../.g...,..}....Z.x.......%.).:.....yl.[..GX.E`. .b....40-...A5.FsL....*(8s....u.:....[l.3b....O2.&.U......:Wk3.I.I''...v..p...j.k...!0gUM%.F=.....|..]H#6LsF...:...xg..{>.5....:..p........ia]...b.!....}..:.W.....%.#.(.bjm.......-..../...G......*y..w..V..h......4.H...8f...S......U.zu.8`k....P...Q...3.q.v..P.....18...B....`.'c2E2..S.U|...g.b..[.kO..r...."Y...g.a.f.uV.p.._.&.m.:D.L .M=.h.......n...w.<@....iQ.....y?...v..8M...';.7}.........I...w.[...#(......Z...$...o..1.X..T.T;......"..O..;`.rw"Q# p/.......O...X.6>.._.x....`...z.].`..|.\..g...rM}.....n|._...G..3....y.6..].V...G....t.G}5:x.~RuZ`.v...o..]m.[..........,....>q.6.R.v...d...;.......0..........:........g.v~....\.B...#.%.........K..,NI..'j..~&.PJ..UnN_..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\spinner_small.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 32 x 32, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):998
                                                                                                                                                                                                    Entropy (8bit):7.72561165556165
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:12H8Q7cyzKX+GUlIlxepggs9AEIPmIHZ/OUm9U3Z8D8XvSf:12Hr7c+GoQxepKAPPmYZLmS3Znaf
                                                                                                                                                                                                    MD5:DD123E59D08DD2E80AF3F527B4FA19C0
                                                                                                                                                                                                    SHA1:78214E0D0B57E60538F8A4968613A4A863D69558
                                                                                                                                                                                                    SHA-256:8C31E6F37EEE27E6BEC02DBFB6452B9F0831D6586E47DCE4392E9FBAA07ECED5
                                                                                                                                                                                                    SHA-512:23D04B0BC9ECB49F3B5D6A4A03935DF52E7DA28007A65E9F9F0EC92A83F94F818B00C1CB78FA03F31746C523F76689387EADC93285EE74CF9EC99052AEC7C9A5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR... ... ......s......IDATH..Oh\......f..&i.m...-(.,zP....."...E.x...hz.D....zP<6..j E\..l.R.`U.,lbM....73.6.4.d...x.c..7.`.........P.._...D.......{....B.3.54.Q5.j.N....z&..|h.4...&....?*VW.<.>..m..].PSO\]...k0....up)84.?*..q.8#.@.......0$...{.Upx}...1...{..........8........t:1...UHs..1,t..Y&.._NTn..HG.........O.l..(.<......H..[...-..o._Oo.....hh06./...8.>.@[.3...o~z...]..E..........yR.&.&.l|.t....)...F....K...\.&'.Mc.......=.....t....B..q_.......V......k...7l..5.5....jb..y.(.l~.A.hg....L...%SH...$:..@H.z...R>Y.. .`0.d..U..7b>$$.\.SSc.Gg.........K.C..^\m.0...=r..#..........a\l.....b...0..&&&.Cc.....25..N..g:jt.X..oo.0UHRS.V8j.5. FS..}.....cZ..5..-.....:<.&R.=VX-..^.c...i.g...d..E..V!i.|.t..r.Wm..L("U.:./...L:.<.NC.w...sE_6:n.C.$@@...#.Go..Ba........Z...5..4..t].0u.z.F.4j......]I.&....`..1.1K....FWg.R../...<.."$...........L(Ng.*.G.+Z.q.s[.n.q.ZXbja..`....."...~..n.&.5x.@.K..5.......pg.......9&t.$.-..s.e..._EC..+..6....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\tab.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 66 x 24, 8-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):390
                                                                                                                                                                                                    Entropy (8bit):6.983802265794423
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:6v/7OX/VvA7tCOoPUgvli1vmDwSqd7cMQ:JXNvAUVQ1vQqd4MQ
                                                                                                                                                                                                    MD5:993BFF22C0CE8B494EE40D5C0FCF7656
                                                                                                                                                                                                    SHA1:FC273DD2567073EBEF5CEE52CC300148128627D7
                                                                                                                                                                                                    SHA-256:57B1AE0988C615082705698CE38D82B0AEC46BC11141ACC62F16554AF1F27820
                                                                                                                                                                                                    SHA-512:55E68688EA4A3F9E8AD803A75981CCF8FAB75E40C52369D6EDE66E213E4F5A9401C18D0971AB2F07C46DC3195D1DCC3DA3D27CD146EEDB2E48F3EF62D31A995E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...B.........y..K...fPLTE.....................................................................................................R......tRNS.......K....IDAT8O..In.0....<#...0sSW....4....".Zl.8.qK.>.7..Q<__7.z......P.Kc.@{.h...,..ND..L...t.!Wg.:=..V_p..g.[...5........1+.+..L?..v..".....N...n.`.=.q.1........o....w#]{.....$.....v..N43..=[..7..........IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\tab_selected.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 66 x 26, 8-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):437
                                                                                                                                                                                                    Entropy (8bit):7.193635323117587
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:6v/7/dfTXAVW3o54JRkLUUFwKyAqGaoqEFc/hc:krP3zkLNqAqpfC
                                                                                                                                                                                                    MD5:8511861D8ED8A8F140DDABDB9B3920CB
                                                                                                                                                                                                    SHA1:EC61FA8B96DE733CD56D720872D8CB9E89D713F4
                                                                                                                                                                                                    SHA-256:B118F88D8D57201E2BBD1F1DA01FE348D3011EFC83B3F909B21C7AB2DABB87EF
                                                                                                                                                                                                    SHA-512:2B3DF5E2E8FF187631DFDC5BE3196FF9509F65B304D025F41F5201830197744C6E724B974B38DBCE28A5284B37488D45B0916C60B94BBFCD3FF466FC7D63A84B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...B.........4Wz@...uPLTE...................................................................................................................p.+....tRNS........@....IDAT8...AN.1...#.$>...........d...3.......DC.\.....B..HO......^M....#p>h#i1....d.;...`.X6XX=&...S_zl..+J.qyq..g.t...lb.'kMF-..wy.(Q.l15..n.(k.g..e..k......m..d.A..)...=.....;........}..|...%.f.........|.T.V.l.....W-..=C=hTB....S..!Z*Ex....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ApplicationWindowStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2037
                                                                                                                                                                                                    Entropy (8bit):4.83051031007633
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:MLkjCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfy9kXbY:MLoO6E+iCshVKzlOWGf0hEVufy9d
                                                                                                                                                                                                    MD5:54013A441AF69B499098EEA96FECE200
                                                                                                                                                                                                    SHA1:47877BFA803C0838AB0A47342911C65EC071399B
                                                                                                                                                                                                    SHA-256:05E93F38D7C9FC61DE783DB9DA2ECB29327EEFD0C1D8C9B39AD9B90224C7170A
                                                                                                                                                                                                    SHA-512:1B8B33D378B91319A31FE773BCAB7E0069E9F60CDA1D2CB35EE0FD92B39CCA2260C7246FA6AC37AD24C66765E0FD380E8B6100E31CAA99B5C9B0DB2C72B07B79
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ApplicationWindowStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):580
                                                                                                                                                                                                    Entropy (8bit):2.1708732850837653
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:K1CUsZEEEEEEEla1ck1p1h2Kbu/Jzxx8PIGC+SEEAsFslfsls1v3DD:0aZEEEEEEEA1cs7s/NsII8FEfEEv3
                                                                                                                                                                                                    MD5:6B179A892EB3C222E74B1015125574A3
                                                                                                                                                                                                    SHA1:9D5942C4D207ADD75A2F87510F48E136CF671808
                                                                                                                                                                                                    SHA-256:58073CA53E6FDC9221379B48400961CD18D20B91199B070C1496D843839C2C68
                                                                                                                                                                                                    SHA-512:C96A87F1B593A0D243DD0A0105947A43579864903622DA5A868D84DBEE33B046BA691BD338E9FBA0654FB9BD3BBA0E382E53C54B2107C399BBAE7F2D980E0333
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............D.........................................................7.v<St..................#.......................................................................................................................................................0...x...............................................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...S.t.y.l.e.s...........................A.p.p.l.i.c.a.t.i.o.n.W.i.n.d.o.w.S.t.y.l.e.................(.......................(...,.......................T...T...T.......T...T.......T.......T...*.......T.......T...........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\BusyIndicatorStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2033
                                                                                                                                                                                                    Entropy (8bit):4.829978509699591
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:MLkjCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfy9kXe:MLoO6E+iCshVKzlOWGf0hEVufy9z
                                                                                                                                                                                                    MD5:2DCD6E429D59C09BB08C9EBB65AF183A
                                                                                                                                                                                                    SHA1:5A9E200CED0F4D6202BA8E1BE082EF4F8EF6412C
                                                                                                                                                                                                    SHA-256:269B14A439279C1B28E2D66093E42C8CEC9F9EC4A6996633B263CACA6460FAC9
                                                                                                                                                                                                    SHA-512:084C5C7C1F22C6D2378436592EB3B51593471BF96FCFC13D8CE1C95978E6B073BB3BB88C5B084ABC3F2358DFBD8D6F808FDFFA74552A39E03942BD621F4B4B28
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\BusyIndicatorStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):572
                                                                                                                                                                                                    Entropy (8bit):2.1347223362915777
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:K1gdVkZEEEEEEEla1V1p1h2Kbu/JzxnIlGejcpAsFslfsls1tt9DD:0gd6ZEEEEEEEA1/7s/NBIdAFEfEEPR
                                                                                                                                                                                                    MD5:D863D0DD0952C18FD4E9360B2F34718E
                                                                                                                                                                                                    SHA1:BFE6EB71818F3E8CAE5901E856B25384C275CAC1
                                                                                                                                                                                                    SHA-256:51ABD93FD84BAEEBC2DA078765B616044C8CD256A49D4DACF9080BC5678B5930
                                                                                                                                                                                                    SHA-512:3A91942DD207CF084601DA77D7E440A956B09FA0AE0A0B9A0D7FE03B7C83D936A8B89CC1EF137320BD87B8E89151D8695A538FBFF58FB4E90F266A70E562191E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............<...................................................^..^.....Zu..d.................#.......................................................................................................................................................0...x...............................................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...S.t.y.l.e.s...........................B.u.s.y.I.n.d.i.c.a.t.o.r.S.t.y.l.e.................(.......................(...,.......................T...T...T.......T...T.......T.......T...*.......T.......T...........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ButtonStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2728
                                                                                                                                                                                                    Entropy (8bit):4.844188917143975
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nCsPByFTJWjr:KogUldGcQWOPByFtWjr
                                                                                                                                                                                                    MD5:A62D007DC5671CB3B7E899E6C80F212B
                                                                                                                                                                                                    SHA1:D3F14DE84264D533D2262F3A9AAF52010D9677E0
                                                                                                                                                                                                    SHA-256:56BD787A33ADC129D41092CAA2E38BAC074F0ABEB9430CA2EE134566D12A55B0
                                                                                                                                                                                                    SHA-512:7FE3FAFEBB599129FD7B058D58C388A8825D93981EBC600B47814389D9C10CBF5B7D13BD65D06E34E9C4B78E2F84A65817C557755D32A2AD75B04D29229F8A1B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ButtonStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3888
                                                                                                                                                                                                    Entropy (8bit):2.8820989016726157
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MxmfEhP5JXvPVAepTOmmJ/qhoDvxtxxqS44HhxIJEuMcInTdabBB9yv8p:TchhNnVammJ/iovKy15cInI04
                                                                                                                                                                                                    MD5:B901B398784E60D8B49EDB3DA6DA8586
                                                                                                                                                                                                    SHA1:FCAB78C872587748A664C7EE28A46904CFF0DBDD
                                                                                                                                                                                                    SHA-256:FB9F937080FA55639A19F244A830354FF4BF8351A4D9ED817603B5AA98E329F0
                                                                                                                                                                                                    SHA-512:68FC2D755A35EB58AF5F4775E523E79D67FC21488905FB4EF10FB82E84B8505ED995BF4EB002B1087BDF9EBFB3349C12B3079C035EF203615F57F0DF5E914459
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............0...................................................5...G.,..j......................#...*...8...............................................................................................................................(...........X...........@............................................................................................... .......0.......`...p.......................)...(...........@...............8.......8...............0...................0.....:.J...:.L...:.........@...............8.......8...............1...................1.....:.J...:.L...:.p.......@...............8.......8...............2...................2.....:.....@...............8.......8...............3...................3.....:.....h.L...H...:.....@...............8.......8...............4...................4.....:.....@...............8.......8...............5...................5.....:.....@...............8.......8...............7...................7.....:.L..$H..%....H...............

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\CalendarStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2027
                                                                                                                                                                                                    Entropy (8bit):4.825830727934058
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:MLkjCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfy9kXC:MLoO6E+iCshVKzlOWGf0hEVufy9z
                                                                                                                                                                                                    MD5:D557C09A026B8492A3517007BF4B222D
                                                                                                                                                                                                    SHA1:3031C85AA4B93F676578EFFD1F11ACDFBBB696E9
                                                                                                                                                                                                    SHA-256:15F50D0791445818E933E80650BAA16A94D3B9403B216D87FEC1B5E340D1F267
                                                                                                                                                                                                    SHA-512:DE7854EB35483025D55B08B3A6F3CED06AA90258D0816A8A2DED72B4E981417DD4D22A9B7C5071550D37E8514BA3E06F3F3F46BB453496C16FFFEC505EC414F3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\CalendarStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):564
                                                                                                                                                                                                    Entropy (8bit):2.097938717140605
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:K1O8llqZEEEEEEEla1s/81p1h2Kbu/Jzx4oY4cpAsslfsls1tt9DD:0LqZEEEEEEEA1s87s/NRUEfEEPR
                                                                                                                                                                                                    MD5:5A89A0F87B38EBDFD141B7C0CA47CD5E
                                                                                                                                                                                                    SHA1:868239DFC2D42CA3B16D9742402ECE499681C45A
                                                                                                                                                                                                    SHA-256:84059D9B8DA7327659B61B789D36FBCBC179B4A5A0EC77AE67C661CD65FFDD1F
                                                                                                                                                                                                    SHA-512:D6A99E53727692831B3C4A4DEC0CC168354C9F6349C2EFAC704170A057D10513B9A71E7497A30D2CE3A82E9473A491AF118DDB09354533DE27B942271E65A1A0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............4...................................................O.I.".g8.km..J..................#.......................................................................................................................................................0...x...............................................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...S.t.y.l.e.s...........................C.a.l.e.n.d.a.r.S.t.y.l.e...................(.......................(...,.......................T...T...T.......T...T.......T.......T...*.......T.......T...........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\CheckBoxStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4043
                                                                                                                                                                                                    Entropy (8bit):4.635695740291305
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nCsauKRsCxUu2oM6XRatjM3CSnhHTXgv:KogUldGcQWOauKRsO2oMC+MSS1LS
                                                                                                                                                                                                    MD5:52AE42A1BF76186E365F0A7F96E639C8
                                                                                                                                                                                                    SHA1:A09A8EF26CCD91155014D86AF57F85FFF3970867
                                                                                                                                                                                                    SHA-256:E4CE3E2C356FDC11F7D5AE4029602CDBE5F40E103CD482281A8D9F8EE6EB9936
                                                                                                                                                                                                    SHA-512:25EF63D9A6A175785EAE639CB135BAB3FC920016EA5F8D53194915F86EBC96FF4943C02A484DC85573CA298160EA1F440F5DA56E92AD62C9A2D087169DDF8553
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\CheckBoxStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):10368
                                                                                                                                                                                                    Entropy (8bit):2.9760807685194948
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:c+q6uYuathFdYDT8t55EUIJ/SQfSo/8J2hEbcKEpcdKt9aaJYBL1n:Rq6uYuatXdYX8tTRJdvKjzY3
                                                                                                                                                                                                    MD5:54B06488173C0917B17A21346788B595
                                                                                                                                                                                                    SHA1:BF52EF898609D50469FAD744445F6932C40FE7FC
                                                                                                                                                                                                    SHA-256:D9D2892E4CB04C73E37CC96AECB4D70A5BC953553CC1DA3C23831E6687500AF0
                                                                                                                                                                                                    SHA-512:11E62A7CEDF3D231C33D054BC0DC0B6AAEFFA0B58FC084B0B68AF3D3335309E93C4AC8C0B7EC7C140F2BDEBA7CE682BB91DE66C92C32027D051B050ADF7C90B9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)................(..................................................!2q..._.9i..K..................#...^...................p.......p.......p...D...p.......................................................................................P!..........0...x...........X...........@...........(...........0...x...........P...........8...............h...........@...#.......#.......#...........................................................#................... ...3...@...........c...........p...........................................................................p.......0...............p.......................................0..........@.......?........U.......@...............8.......8...............0...................0.....:.....@...............8.......8...............1...................1.....:.....@...............8.......8...............2...................2.....:.....@...............8.......8...............................................@...............8.......8...............

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ComboBoxStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5292
                                                                                                                                                                                                    Entropy (8bit):4.717869540578657
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:KogUldGcQWV+JbB+LjqZyYBAQnxg1AJzenItNx06gVgyx:KtcGZJAqACgDgyx
                                                                                                                                                                                                    MD5:9CEA0D2F653C5E0536C32175995E7EB2
                                                                                                                                                                                                    SHA1:BADC1B9758A4FE56402CEAA0B421E2AE734E5384
                                                                                                                                                                                                    SHA-256:B8EC881A35CF7E90154D2413CDCD53C2B131556C22E96F542FD934FA3AE34C83
                                                                                                                                                                                                    SHA-512:9D64E98D56A30E2D1937B4266008A65A510F773C2750B26695B61B4549F8780F53B29FE8DB23BD0D5B513D3CCFAEA61B578E7D2F5C894E47F4D6E3FCBD2F9ECC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ComboBoxStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):12384
                                                                                                                                                                                                    Entropy (8bit):3.0196205930970814
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:8Lbg/sUI0NmNgAgJ5JtQ8wP6EhEJAb6vPTQfnton0KS12HUTv50Ebj7kzFvV2oBj:8R0NmN7gnjTe6EhwAZKSthD62zXNB
                                                                                                                                                                                                    MD5:F1939F603E679AFF9A6E6EBBB7789E4D
                                                                                                                                                                                                    SHA1:C4E5A6272EDE507CE5E96D91BD778E775B63D2E6
                                                                                                                                                                                                    SHA-256:DA56ACEE4F1B71ED0425B79C5B169CD33D248D59E9D2841AF842DC456A6D7E3F
                                                                                                                                                                                                    SHA-512:7AAE758EB5EF225E524DFA88ABBD598500AEF7E97B635E665F2797953B73F0E3931BC5A9595C1F0008A885743B4DA055B2ABD8C381457EE8E75ABE284952CB5B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............`0..................................................b=|.....!Ir~.P.s................#...q...................h.......h.......h...Q...l........................................................................................%......H...........@...........8...............X...........0...x....... ...........8.......8...............h...........s...........s...............@...`...........@...............@.......s.......s...................................................@....... .......0...........C.......P...c...c...........p...............................S...........S...........S...........S...................................c.......c...........`.........................................@........~.............................l...........@...............8.......8.............../.P................./...........@...............8.......8...............0.P.................0.....:.....@...............8.......8...............3...................3........[.......pp.........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\FocusFrameStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2261
                                                                                                                                                                                                    Entropy (8bit):4.866831940677612
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nC+ZXn:KogUldGcQW4Xn
                                                                                                                                                                                                    MD5:47CA08817D0EEC6DB4B3EAF514421448
                                                                                                                                                                                                    SHA1:0393CD93A96B8B9A6E9ED6E56CEC9CEED8DDE44C
                                                                                                                                                                                                    SHA-256:8307CEEF8D86F2E307B67A1C4A0B33AF7B83CC4965F698B15960841D20B19F29
                                                                                                                                                                                                    SHA-512:99B632BBD80E9E0A15FB4D43DBEF3BEBFB8F13328F496B5BAF640978B1430CD351FDA50B4DED003FC54664F1E71F4D01A9EFE04577416D701B827D146E492A3A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\FocusFrameStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1344
                                                                                                                                                                                                    Entropy (8bit):2.516006439261854
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:0q+1jssssssp6mNmK3JR/BqDE0dPg5l9eq:d+uCjJRpm1aTr
                                                                                                                                                                                                    MD5:5574B58E0109ABD3AC7FA753127ED997
                                                                                                                                                                                                    SHA1:58A93A78BA46B1B83DAD9DA092E1BBD185EC2E31
                                                                                                                                                                                                    SHA-256:2F61DCEFAF462D6405793175C4AC8E3C19C6848BF9ABC3A294BBCD6F12CB480B
                                                                                                                                                                                                    SHA-512:5EE9838F51D17005CB3F7A4A4102FBB09C659CA5D62E2D29461C5A5AA6DF451667228338001817B04A74FA91FDF9045A375B79BA655ACE5A4105E7D79DA020E4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............@...................................................;..4uD../.O2:I..................#.......P..................................................................................................................................................?@...............8.......8...............3.P.................3...........................X...................@...p...............................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s.................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...P.r.i.v.a.t.e.................................S.t.y.l.e.I.t.e.m...............................m.a.r.g.i.n.............................a.n.c.h.o.r.s...........................f.i.l.l.................................e.x.p.r.e.s.s.i.o.n. .f.o.r. .f.i.l.l...........................e.l.e.m.e.n.t.T.y.p.e...........................f.o.c.u.s.f.r.a.m.e.............................p.a.r.e.n.t.................X...................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\GroupBoxStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3230
                                                                                                                                                                                                    Entropy (8bit):4.914641706249265
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nCX+/CAYnvoYBxnQ:KogUldGcQW9+/CAYgYBq
                                                                                                                                                                                                    MD5:FC05F8A54097E64E9044950470A58E40
                                                                                                                                                                                                    SHA1:ED2DD6FE5FCCAA5B88BD4515E93D2435C43899E4
                                                                                                                                                                                                    SHA-256:6858DB01FA20AD83559BB5DBB9BB6A7711C8C6959EC53FEBD4D0A9C5370CF59B
                                                                                                                                                                                                    SHA-512:11E577F43E332B195BFAD9CE5A0AA8F4127C0C6F1878ED5B99168B8DCDE5C41C89BA9AB752D8C92AAC70C19DA06FB598066FFBE7D6B6449D36D1D704FDCEF07A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\GroupBoxStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6616
                                                                                                                                                                                                    Entropy (8bit):2.954412897214398
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:fSmoGW7+lqp9O+NlbA6NOJb2ylOqpW8lGFvW8lnEfRS0xqfm6CLZF6HnIJEuvIRv:cXs+f14JbblO55EStwa1L7FbKzfdw5g4
                                                                                                                                                                                                    MD5:FBD759675C9AC5FA4A48F6314CCC7499
                                                                                                                                                                                                    SHA1:578003BBEAF1BA3647BE2C20248767FD8A629EE4
                                                                                                                                                                                                    SHA-256:4CA70ADD85AFFD00890E8CD606ABFD9276D1F6F9F096653BC3C2E9FE2E81A5B7
                                                                                                                                                                                                    SHA-512:5B9EB465B999D5AD548FEF550088AFF16AFD11BFC419DEB0BE4FB04DAD7B17940D87F8628C8DF82EA38703790ECEEFC938543EDDC6C0F313474AE6C4E8B2C2D3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)......................................................................'.^..ZM.6...................#...@...................,.......,.......,.../...0............................... ....... ....... ....... ....... ....... ...............0... ...h...............0...........8...........0...x...........................#...0...c...@...P...c...`.......................#...0...........#...0...........#...0...................c...@...c.......c...........c...`...c...`...c.....................................................6...=...........@...............8.......8.................P.............................`...%...........8.......8...............3.P.................3.......4.......5.......6...!...7......:..../...........`.L.....0...................@...D...........8.......8...............:...................:.........:.....:.:....`.J...:.L...H........:....7\.L...H...|...............@...............8.......8...............;...................;.........:.................@...............

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\MenuBarStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3238
                                                                                                                                                                                                    Entropy (8bit):4.90187484968626
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nCev5COkFNpACuUBEKjo3Zq:KogUldGcQWcv5x+aCuUUI
                                                                                                                                                                                                    MD5:E78025940E8545B158A72910F129AAF0
                                                                                                                                                                                                    SHA1:8CD85D7C384EDF0FF6B05B532A4FE04312162A33
                                                                                                                                                                                                    SHA-256:177F211EE15687E231B2A790172D5CADD638016831AF3E4A55C4F9EEDB37E2AC
                                                                                                                                                                                                    SHA-512:4A494D95DE21929FDF04721096989C966717D89E5FD2C734CB6F9B5397579C32525A918417E305FAD9043AF5BA8E5D343809AADCB53A31CE8C4391A92BFA33AD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\MenuBarStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5604
                                                                                                                                                                                                    Entropy (8bit):2.994311913214406
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:/ddtytDIZjJ99Zf3Ny5b9UEbt2t4xRWvZHHt:/ddt0IX5gbZ/
                                                                                                                                                                                                    MD5:D8475D29AC4A12DAFB65AFA6E0C1B0FC
                                                                                                                                                                                                    SHA1:F34A139463779D1863EEA31B8454AFD6CDDACDEE
                                                                                                                                                                                                    SHA-256:82FC57AD8798845D876C8834C6CAFE37A2F485B777181859239F32257478683C
                                                                                                                                                                                                    SHA-512:BF8D012AEF0377A763D193A43B16DD0F85AB2B24759A1B185350D683E82B2132AA615E27F26449229B5F64ADC05DE54FDD758724B5FF7880AECC774B14F56F9C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...................................................................e4.."~..%qg..{.................#...8................... ....... ....... ...(...$.......................................................................................................h...........P...........0.......s...P...........a...s...P...............s...P...............s...P...................................3.......3...#...3...............@...S...................`.......................7.......h...~...........8.......8...............3...................3.......4.......5...;...6...X...7...z...8......:....'.........)......|.>....:....'.........)......|.>....:....,.........)......|.>....:....,.........)......|...>...................@...............8.......8...............>...................>.....:.....@...............8.......8...............?...................?...................@...............8.......8...............@...................@...................@...............8.......8...............A.......

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\MenuStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4683
                                                                                                                                                                                                    Entropy (8bit):4.828387956520702
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:KogUldGcQWzvqVw/vSN93wT4ojVJGkOsjRj1:KtcGKWwyzwTzJLBj1
                                                                                                                                                                                                    MD5:9C457D5FAECD7B9A50671D78B48FD52E
                                                                                                                                                                                                    SHA1:B5C07C5CFB40D4B40F85C9EE7F8417819A5A15EC
                                                                                                                                                                                                    SHA-256:AF75BB0905D646A1A15361D642AB86A1D389695D6BCFEE8291CDA857F84E0CB6
                                                                                                                                                                                                    SHA-512:9434551DC72FB405BADF8BF89C024F7531A2E5AB0EEF1FD3F89999230B65D92E0BBA98D0D51C41CA205763AC9081BE4839E5D2B5E435F0135F5726C14B59C11F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\MenuStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9780
                                                                                                                                                                                                    Entropy (8bit):3.069042267581048
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:0DMz+jZG3NChNPDMUmkJ/9hBaHZ2H51MWEbt2SOzZqqvltqFND1E9lESM:1+w3NChRMUmSNZ+/9JWH1M
                                                                                                                                                                                                    MD5:B8893885A45B266E019FBA47084E2A23
                                                                                                                                                                                                    SHA1:485064760EAB72AE6B931A89C8CBFCAFD9A01E3B
                                                                                                                                                                                                    SHA-256:AB6F316236DB12D405A38676E84A4595256B1A01A096B6852A0B2B64CF35D4FD
                                                                                                                                                                                                    SHA-512:5576CE57134EA6597F6AEEF43EDB8C005F552D6D700F96CAC7454729CDDE0E9A2A86E7F4C81353B279AB65032B9CE9A552B0C5506567EF111672BA57C1A93651
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............4&..................................................Oi&ps.]...~.br.+................#...a...................H.......H.......H...F...L.......d.......p...................................................................................H...........8...............@...............x...........`...........H...............................3...0... ...C...c...c...c...c...........................................................................................#...........#...0...#...0.......S.......c...#...0...#...P...#...p...#.......#.......#...p...#.......#...0...#.......#................................................G.z................Z.......W...[...S...\...]...`.......@.......>.......8.......8...............r.P.................r...........@....... .......8.......8...............Q...................Q.....:.....@...............8.......8...............;...................;.....:....`........@...............8.......8...............@...................@.........:.........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ProgressBarStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2916
                                                                                                                                                                                                    Entropy (8bit):4.839363550613035
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nCsnxq2Bh9n1iWUH95XkuMZr:KogUldGcQWOnl31iWQ95XkX
                                                                                                                                                                                                    MD5:5168523E82D5137AD3656165D1D0A2AD
                                                                                                                                                                                                    SHA1:0C27710BC44AE4C0D5A781BA0D807398D70AFD42
                                                                                                                                                                                                    SHA-256:374ECA958EF36B2324ABBEC45E179E11570F6DE5A91F8AD3F2559393B240ED28
                                                                                                                                                                                                    SHA-512:AB2DF3E21E1BF415FC77978F42E64D6BA0273E04CB439367F9093A5BB7E9C7F78A3C2381258FE82AFD67CF45F41E82B8BE116D583D2E628C0C228DE1E6A78E79
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ProgressBarStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4212
                                                                                                                                                                                                    Entropy (8bit):2.9315315607398036
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:dbmdgUafHdx/y2xSJ/qh9mowoM9+yHYEBY4SlybtryKM5CYZDd9zsIn4b8:kZafHSJ/i9vklHYOYZEbt2KM5CYhV
                                                                                                                                                                                                    MD5:17DC4D8460018C26EE3D1057CE78ECF2
                                                                                                                                                                                                    SHA1:0302471912DCD1AAC76D0DED281442557C1637B1
                                                                                                                                                                                                    SHA-256:379B9CE8C96C6BF079B8D29DE249AC15CFF33EC394D92BEF4797438C80AC2983
                                                                                                                                                                                                    SHA-512:80DDA771E3BBCC7472EB1C88CFE2D2314AD1AA6A51069C141AC408C75AEBBCD48CCFB9378D92CAD34DDC9F94B96F60911B1159B739D479FC61154678D5573407
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............t.....................................................IMk.t.`;.C.&..................#...)...............................................................................................................................................`...........X...........@................................... .......................0...................P.......@...S...`.......p...s...s............@s.........@...............8.......8...............4...................4.....L..H...:......................@...............8.......8...............5...................5.....L..H...:......................@...............8.......8...............6...................6.....L..H...:......................@...............8.......8...............7...................7.....:.....@...............8.......8...............8...................8.....:.....:.h.....@...............8.......8...............9...................9.....:.....@...............8.......8...............:...................:.....L.....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\RadioButtonStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4128
                                                                                                                                                                                                    Entropy (8bit):4.6240539224144275
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nCs+MMLR0K6SCv2oM6XRa2jM3CSnhHTXgv:KogUldGcQWO+MMLRvA2oMCRMSS1LS
                                                                                                                                                                                                    MD5:9DFAC0C040CA518A9E1930D70E90F6F5
                                                                                                                                                                                                    SHA1:A6D338CE117273B5753A982C66C7A76176C01293
                                                                                                                                                                                                    SHA-256:D673E0F7FAD84074A376601CA564445E9A8B428CF50C37EA59D05A7AB5924F6A
                                                                                                                                                                                                    SHA-512:9855008ABB7A5FC71AE9FD8D5BA78B7FF3E44F0C5110B1C0CCE214ED6A58846B31ECD03500F9B8D4F2ACB1F8076D9A1C3B18AE46623365BABCF8E419831815A3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\RadioButtonStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):10500
                                                                                                                                                                                                    Entropy (8bit):2.9556053459781477
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:NXthaJUb2mCehtYCf5B9J9bxSQfSoK8r2hEbAKEpS7npBN8aqOzIs:Nb2mCehmCRBWaHzz8aqOB
                                                                                                                                                                                                    MD5:6CC7B8099B053D4E25EBBECBCD801D83
                                                                                                                                                                                                    SHA1:77CA239F0700871352DE2F813B1EF0C8B7451D4B
                                                                                                                                                                                                    SHA-256:3DEF03EEFF7756FB647C755ACF1F6542AEBA81AC68CDD4389CC674D686189C96
                                                                                                                                                                                                    SHA-512:1BE6603A3251ACD88053F23025D47886B3933A0E8A5F7941C416DC52F4F81654DB1554D1B5784674464DCFCF99264FD491A263EE32100273028ED2DDF0E4C190
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)................)..................................................e.h.@&.0a#.C...J................#...[....... ...........x.......x.......x...D...x....................................................................................... !..........0...x...........P...........0...............p....... ...h...........H...........0...x...........X...........8...............S.......S.......S... .......c.......c.......c.......c.......c... ...c.......S.......c... ...........3...........@...c.......................c... .......p...........c... .......c... ...........@...........................................c........... .......@.......@..................@.......?@...............8.......8...............-.P.................-...........@...............8.......8...............1...................1.....:.....@...............8.......8...............2...................2.....:.....@...............8.......8...............3...................3.....:.....@...............8.......8...............

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\RowItemSingleton.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2070
                                                                                                                                                                                                    Entropy (8bit):4.832400322959624
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:MLkjCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfyyU2yEd:MLoO6E+iCshVKzlOWGf0hEVufyyUTEd
                                                                                                                                                                                                    MD5:ED9217025E9EC7239C63D2EF60B78282
                                                                                                                                                                                                    SHA1:C5A7F37EAD74D963D7E2F706D693E31EAFC3BAD0
                                                                                                                                                                                                    SHA-256:5C11ED9112F3D286DD0351CC5166AEB3CF7B4BC8847C0A35422DFBC14FB4F3A4
                                                                                                                                                                                                    SHA-512:7157E905D21B7D5C330EC5275B91ED2B2F3E6A696874CA3EE05586B500820C83350942F990895382C32F8942258E708A297DD76B3A9D62DB9C0EF1DA482A4138
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\RowItemSingleton.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):684
                                                                                                                                                                                                    Entropy (8bit):2.224650175858714
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:0pfEEEEEEEA1Wbt/pAg+l05EfEEEoFeEfl/:0pB0R/+L8IFe0/
                                                                                                                                                                                                    MD5:6160172487777B0F49ECAECF64B52222
                                                                                                                                                                                                    SHA1:7E3056C0A86BFAE46E8B61DA4DF070CDAD55E101
                                                                                                                                                                                                    SHA-256:19597E70B013A7E9D2E702336A5CFD9658F41A7485F7DF1176053253F674F07C
                                                                                                                                                                                                    SHA-512:39D4C8EA16A11B47B8ECB80FA1E8EADFD413E777AC8D77295ADF0C2E1E9F27DB703DAC32EC9B700C30EFDCDD7DCBA0F235228EBB9B06DF40DDB92FDDB6B09FA4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...................................................................6.....kv....:.G.................'.......................................................................................................................................................8...........................................................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...P.r.i.v.a.t.e.................................S.t.y.l.e.I.t.e.m...............................e.l.e.m.e.n.t.T.y.p.e...........................i.t.e.m.r.o.w...............(.......................)...,.......................T...T...T.......T...T.......T.......l...*.......l.......l.......................+.P.+. .....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ScrollViewStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3920
                                                                                                                                                                                                    Entropy (8bit):4.8675531615918075
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:KogUldGcQWOLBgWFnl0bNNvGbGDp/s6dkGF:KtcG7qwl0bNN2Cp/uGF
                                                                                                                                                                                                    MD5:CCF3DC3DFB076E1397626FC400502E0F
                                                                                                                                                                                                    SHA1:379E4B968512352773130A95E75D465F3BEE4857
                                                                                                                                                                                                    SHA-256:A6F0CBA47674AF372708D6002506A0514FC8F1C6DF922416B44549BDB5D08806
                                                                                                                                                                                                    SHA-512:2DBEFCF7793C5EDD0B167AE6A82652692063126CAF465B33330292357F7D0F2E0D728C60CD375F279F8A41AC94E9CB4CEA431652F42BC9713AA01E102687FF01
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ScrollViewStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9328
                                                                                                                                                                                                    Entropy (8bit):3.007849911372604
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:Q+BqapWRhIcVNdtuJcOIlSPP86jNVOV0t44k1YOYiwfq2Do4jxVZCTD7EtA2pj4i:xBSScPdmP1VOV0rliUxVh4/6
                                                                                                                                                                                                    MD5:E47A3FC7AD33E1C09E1884DC3DE8F45E
                                                                                                                                                                                                    SHA1:4E0E3DD7D8F884D141A30158543D7FB843874D27
                                                                                                                                                                                                    SHA-256:E9D3504019AD242CE6496F4F1159BFC9DC5D1A5E26F3158BE4B5BA94D1F821CC
                                                                                                                                                                                                    SHA-512:CB05229C8DA3AC501D60F226163A9974C768FC120CD9CE5DD77766FE13124F03D3DBE6211A39A9B1E75A44D220BE06CAEAFB8BB5B10258E15F0FC4AD04699AFD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............p$...................................................6..D.....p'.*.................#...U...................L.......L.......L...)...P...............................................................................................`...........X...........8...............`...........H........... ...x.......(...p...#... ...#...@...#... ...#...@...#...@...c...c...c...c...........................................................`.......................#.......#...S...3...Q...C..............................@...............8.......8...............0...................0........C..........@....... .......8.......8...............J.P.................J........E..........@.......".......8.......8...............K.P.................K........F..........@.......$.......8.......8...............L.P.................L........G..........j.......@.......'.......8.......8...............O.P.................O........H..........@...............8.......8...............1...................1...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\SliderStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2912
                                                                                                                                                                                                    Entropy (8bit):4.857002307301528
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nCs+DYs7M00/+BDBqivLm:KogUldGcQWO+DYd/xT
                                                                                                                                                                                                    MD5:C5BE6A9676AE022A4B5C5B67F9CB3483
                                                                                                                                                                                                    SHA1:1105EF627A6B6F46B9860C72E25069ED259AD1A3
                                                                                                                                                                                                    SHA-256:67D3A94B75A01AFEE08644CDED0E393CC3180916FE6DC9BF4B7E7B14727ED582
                                                                                                                                                                                                    SHA-512:303BF89C5C800C0D7C5C2C9682FD82F27CECA7F16044372808A1E88B74C94258B1A638A6DE3A2671CE92B11C445F047BC3BD30EC543B346690EE4EDC1A82A9D9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\SliderStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5956
                                                                                                                                                                                                    Entropy (8bit):2.8994734744282233
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:eknfSiJWbxii2hEbuk47gYOYin1EpVbv70NxY4HyF:ekq9iliCv4HO
                                                                                                                                                                                                    MD5:11C14EBE805EB1BBB0B1DF29AE01E5D1
                                                                                                                                                                                                    SHA1:D0117BFD00AF6C2A82F65F84CC3A5395FD599C7A
                                                                                                                                                                                                    SHA-256:C73E598834F26081314E7B4D05CE9EFC09DB46C617DBC079E096D5A87F661D94
                                                                                                                                                                                                    SHA-512:8ABEC50B5843C67B7A4061558F7B2ABFD942FADE2B12C4487FC09D6754BFA427621F9DC500C652DB5D3C4FB9AA181ECA09C4A980EDE0EFECED3B2D34EC4331F0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............D.......................................................H9..jSF#T..4................#...=...................0.......0.......0.......0.......................................................................................h...........H...........8...........(...x...........P...........c...............c.......c... ...c...0...c...@...c...P...c...p...c.......c.......c.......c.......c..................................@...............8.......8...............-.P.................-...........@...............8.......8...............0...................0.....:.....@...............8.......8...............2...................2.....L...H.........@...............8.......8...............3...................3.....L......H......@...............8.......8...............5...................5.....:....d........@...............8.......8...............6...................6.....:....d........@...............8.......8...............7...................7.....:....d........@...............

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\SpinBoxStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5470
                                                                                                                                                                                                    Entropy (8bit):4.769994565901049
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:KogUldGcQWO+KWtnZkRtrFbWFJRN/3sqNnckMj:KtcGOXZ8UM
                                                                                                                                                                                                    MD5:3BCFD261EC53F77B79FF18EDA94F00A4
                                                                                                                                                                                                    SHA1:806C34F49630C855AB448D1DDD7CC7EC75155A7E
                                                                                                                                                                                                    SHA-256:BC6AA234585366A42DC44D90F15BAF2CDC601F4158E9A2E97A9E8CE4BDABE15D
                                                                                                                                                                                                    SHA-512:96F7FA538D396A03D0660B6D76070D5BB66419C80917AA3BB4135C57B98219A87D318E0EFAEF817CDA896C3ED65554072F6168D3B33E779BE3BA430A8E95404D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\SpinBoxStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):14728
                                                                                                                                                                                                    Entropy (8bit):3.1008045226317815
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:mEKptk3+YhgvIFWgHX3Vc5RItlEAlbW8kHsRJnvbIYoPDxcH/yLf5VR5cH+sdq+7:mES+Bh7LXsReEABWtLVfACQpL0wqXJwl
                                                                                                                                                                                                    MD5:C49291792799DE07901FC05B8D006BE4
                                                                                                                                                                                                    SHA1:290F980659A9BBAB755919B64C5C217E3118CC27
                                                                                                                                                                                                    SHA-256:962CE4479579872A510F7EC4C7A335EC7A96BAF54B2C12B7BD72DEBD476E0984
                                                                                                                                                                                                    SHA-512:E73119511D60C32D43EAE375C76AB5AF9ACA3EABB77EFE704671E461680B559C3AC473B4207BA5F9B0E9D9F05F609F179D016A436241E27F11991D221D57EAA0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)................9.....................................................R).$..{"..7.G................#...........%........................................................................................................................... /......P...........X...........h...........`...........`...........P...........0...x...........(...p...........`...........P...................H...............................c.......c...........#.......c.......c...........c.......c...........c.......c...........#...0...@...#...`...#...p...#...........c... ...........c... ...........c... ...........c... .......................................................#...`...#...@...#...`...#...........#... ...........#... .......#... ...........P...............`....................................................... ... ...........................s...........#.......s.......................................c.......c.......c.......c... .......................................`...........c...s...............

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\StatusBarStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2491
                                                                                                                                                                                                    Entropy (8bit):4.878811646714112
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nC+V4iYSss1bM:KogUldGcQWe4n3oQ
                                                                                                                                                                                                    MD5:A4E30E457C53AEFC73DD84E4FB800AAF
                                                                                                                                                                                                    SHA1:2A18E9793678530EE130464A134DC1D1C036E030
                                                                                                                                                                                                    SHA-256:A605E146BD646C94F5DF54330956FCF355AA994822A3F19D2E8FC8DC7C6FDC72
                                                                                                                                                                                                    SHA-512:D0F7E098A0DC960A20273C5EF33DC089B5D6F4C8C9069E2863152D0FCD3EE5972D19FBCCF3BA57D5CCD6E9A341B3BA115C6600A7E7D8E820E4F375DE3599515A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\StatusBarStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2460
                                                                                                                                                                                                    Entropy (8bit):2.573575633424152
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:2BJm/6PUJHOXqh9lmbWBnouFdzLkSRlHgHCwY:UujJuXi9l0WZxHIsNgHCb
                                                                                                                                                                                                    MD5:D34FEF3C767472C7C839AAFC146E3ADE
                                                                                                                                                                                                    SHA1:DBF188E555A53C8812CD533BB8131655E67923DB
                                                                                                                                                                                                    SHA-256:BF708C0AEB946DB15D792C33572B6577FA685965248752CBA021A783B98DE537
                                                                                                                                                                                                    SHA-512:29CE7B2B4E5D3D4BD9E9DC10610584212870B99546F52C1CAFD678D01E3CF5A0A3468FF36DBFD2ECE77E2F5CB0513CDBE803A9032E0B1477D4A790C65E8F2F11
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...................................................................7.M....W^4.hK.@Z................#.......x...............................................................0.......0.......0.......0.......0.......0.......0...................0...c.................................................@...............8.......8...............;...................;................... ...`...............(...P...p............... ...X............... ...P...........................................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s.................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...P.r.i.v.a.t.e.................................S.t.y.l.e...............................p.a.d.d.i.n.g...........................l.e.f.t.................................r.i.g.h.t...............................t.o.p...........................b.o.t.t.o.m.............................C.o.m.p.o.n.e.n.t...............................p.a.n.e.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\SwitchStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2113
                                                                                                                                                                                                    Entropy (8bit):4.854277805833694
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:MLkjCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfy9N9C2okXf:MLoO6E+iCshVKzlOWGf0hEVufy9nCfO
                                                                                                                                                                                                    MD5:6C9008235764FF0068F72701943B94FD
                                                                                                                                                                                                    SHA1:F100EAEEDF7D8164215092BF3C9A5F6FDC98F825
                                                                                                                                                                                                    SHA-256:203F0571C301F3215736C0647181D8C40CF7DC6C96C4C22FEE327A0F2643048D
                                                                                                                                                                                                    SHA-512:56BD57F97CA85EDDFF01C4C8DEBE9DFC0CFFC8959C49300A52457DCD0A8B78D3AFC2F3256BF6F38FE8942C72BF68B3B7C3385AD816E7E46AF0D6FA159A619686
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\SwitchStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):820
                                                                                                                                                                                                    Entropy (8bit):2.3150804402115313
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:0gkrL4XEEEEEEEA14cz3/jt/9/NgnEENmms:0g+Lcb3J1WETms
                                                                                                                                                                                                    MD5:66F8276B294D4FBE7293C903A5114D79
                                                                                                                                                                                                    SHA1:D4ADDCFDEC56F731B4E8AC7DB191C572F91AED39
                                                                                                                                                                                                    SHA-256:E6B30B30F390277E747B7F08929B032B15B840AF1F142A1804FA976ED51AF850
                                                                                                                                                                                                    SHA-512:E862F6DC198F76B4A108645C014B9D1940E2776C926E123C274B9F56EA61D7F5E79AFA60EC127C0D495E5495AFC3EB6F0489EE7B54BC8FF79F7744124F527751
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............4.....................................................K..8...2.1.................#.......................................................................................................................................h...............8...`...........8...........................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s.................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...P.r.i.v.a.t.e.................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...S.t.y.l.e.s...........................S.w.i.t.c.h.S.t.y.l.e...............p.......................(.......................).......................*.......................+...t.......................T...T...T.......T...T.......T.......T...-.......T.......T...........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\TabViewStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5403
                                                                                                                                                                                                    Entropy (8bit):4.869623049015817
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:KogUldGcQWROnOVeVVpjou109ek09eeNLuJ1T1OAhEs2TTaJtAtZRt7cQq:KtcGVOVeVVdolm6Jl1O5TTm
                                                                                                                                                                                                    MD5:70AC23990E0708D6C19F141EE87604AF
                                                                                                                                                                                                    SHA1:B887A7EC5240501AB95B576E5B351EDA5D657CFC
                                                                                                                                                                                                    SHA-256:FA8D23345774F673EC2E255FFD773B4F79C9402B1D96FD6B59DAF8296B388322
                                                                                                                                                                                                    SHA-512:11DAFFFA8DF00DC43D28B18D99E32C0806083DEBE15586436C2808F4D6D7F660CC26A03982271AABA8659FB07D076170E4AD0203ED99080EB664F9E36C13483D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\TabViewStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):14220
                                                                                                                                                                                                    Entropy (8bit):3.14529450605802
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:NMaPEAgR7vM8uewF/GcBKFK9KzVk9NZzOmRW7P:mas5LcF/GZMc0NNp6P
                                                                                                                                                                                                    MD5:7A05C3D92DF839F0BE81395F54D45652
                                                                                                                                                                                                    SHA1:B43A34980D53ED7A21142D63B069AD329B0FEAFA
                                                                                                                                                                                                    SHA-256:EE574AB2DC0E0383578415B45486AC3BC1925E60D4BBEDD65B42D68F60D9355A
                                                                                                                                                                                                    SHA-512:6218F4B9C793BD142A68C678F770614F2BB37BAFDC5674D33D79B9F352F60AC6E57E64DA94ABB6BD23DAF51F2D3769FEC3385A383ED44FC44BA12571D4F08AC7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)................7...................................................7.,..../...".qc................#...........!...........|.......|.......|...~...........x...............................................................................`.......X...........X....... ...........@...........X.......0...........(...x.......`....... ...x...........P...........P...........8...........P...................................................C...c...s...c...........c...............c...s...c...........c...............c...s...c...........c...............................s...............C...A....... ...C...C....... ........................................................... ....... ................... ...............s.......0... .......S...........s...@...P...s.......C...3.......................................0...c...................P...............c...............C...........C.............................................@2...............................c.......l...3...............3.../...1...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\TableViewStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5378
                                                                                                                                                                                                    Entropy (8bit):4.808326079025741
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:KogUldGcQWOZqOMLwFR9oDsEP+nSjMLldH:KtcGvkaRssEWSjqt
                                                                                                                                                                                                    MD5:68603CC39333371CDD6E1775322F1670
                                                                                                                                                                                                    SHA1:28F91909A18263E06D61EA1FCA4CFB274965EFC4
                                                                                                                                                                                                    SHA-256:D79180C0B2D1FDFE1D99E182D5EE3C28262402CFFA817820379E66618C976114
                                                                                                                                                                                                    SHA-512:9191915011233D238BAD3BFCB0BFB7D3E9D01BEB4BD6B02F4A6C229FDA4A9A343F8704C4079BC8E12991571B15A6AE0BDA0E2B3C2E36D5EBBA69E798C8069FCA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\TableViewStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):13648
                                                                                                                                                                                                    Entropy (8bit):3.116953971238935
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:zoV5t95m1UehhC+uIBL9esx306youRJtrbpu/O7NRsNr41JgVjVyg318oF8xBL7d:zoVGueTC8eq06ZusBegVjVyg3b2QaDfp
                                                                                                                                                                                                    MD5:E36134CF19F6D2E7A338855084049537
                                                                                                                                                                                                    SHA1:CCBF8D10B97D2449B870C229498FCAFF8CBD8470
                                                                                                                                                                                                    SHA-256:E45D4E5478A7DACCA32E7BE2711D1B031758A2F3E63901A25D471F10EF19CE05
                                                                                                                                                                                                    SHA-512:8C25775280063B7D109791D009FA14373F52774559DD21149C572A19F0988D9DBD066711E5F36685CD4B02BB26B5EAC3EEB96354D229674374B3A46FBF695E07
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............P5......................................................i.L..,....................#..........."...............................k...........0.......0.......H.......`.......`.......`.......`.......`.......`................,..`...........@...........0...........H........... ...h...........x.......`.......@...........0...x...........`...........8...........x.......s...C.......C.......................C........................................................................... .......P.......`.......p...............................................`...............`....... .......0.......0....... ...........s...............s...............................C...0....... .......................................................................`...........................`.............................................L.......c...d...........@...............8.......8...............0.P.................0...........@...............8.......8...............2.P.................2...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\TextAreaStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2739
                                                                                                                                                                                                    Entropy (8bit):4.876333999803406
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nCDtWQwwTeDzT:KogUldGcQWvYT
                                                                                                                                                                                                    MD5:F18A31B21F6E1E07ED2C2384EC9DB07B
                                                                                                                                                                                                    SHA1:F0DB90907002175B39462D21AB886A0D68117B19
                                                                                                                                                                                                    SHA-256:C6B003634227509E65F0BF51DA7C933DDE9EDEEDEC7939A9B4EC6A032D15CE76
                                                                                                                                                                                                    SHA-512:5514AB2ED30618CB5C3AD8A15AFC45E90B3EFB83C26400700CD735D98526B6EB3F934D102B1BC83FD1E4BD559AC65B3266940699B94BB726F308FCBBF5BE2776
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\TextAreaStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3808
                                                                                                                                                                                                    Entropy (8bit):2.9663640619789073
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:ozQBHggoARxxHmCDJhKBQNO506TfrC6hCVXAoxJ9Vg37WCjh9G8ANIEl2Rd:ozMggPlHJJhoQo/QXng3aj8ALlo
                                                                                                                                                                                                    MD5:92EFC385566845FDA25DBE3A95EED300
                                                                                                                                                                                                    SHA1:2B9C05611E93B9A036282851CC9E5EDC70B16CDD
                                                                                                                                                                                                    SHA-256:8599DD0FBB772DECC4FAADE91E64814F865387AF776413FD7AF71315125CFC6F
                                                                                                                                                                                                    SHA-512:B35BDE26998F331C02152E990F07976E52A7DBBF303CB8C5870DC13BCBDA25C8936C9185D86097C0046A4F77945C886A8F1230BFD636B30AF73FECB202EDDA31
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata).........................................................................%..`.&x..................#...%...................................................t...............................................................................h...........(...........8...........P...........................................................................#...0.......@......................@...............8.......8...............-.P.................-.....:.....@...............8.......8.................P...........................:.................@...............8.......8.............../.P................./.........:.................@...............8.......8...............0.P.................0.........:.................@...............8.......8...............1.P.................1.....:.L.......:........H..!.......@...............8.......8...............9.P.................9.....:.....@...............8.......8...............6...................6.....:.....`...............8...p...........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\TextFieldStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3377
                                                                                                                                                                                                    Entropy (8bit):4.85774329326833
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nCshe/RXWBwwjepxStQE/NPGtuvlxR:KogUldGcQWOhOi6StlFOmlxR
                                                                                                                                                                                                    MD5:E32F36F66E28A5933DB78000F5A728AA
                                                                                                                                                                                                    SHA1:B84E9F41AA9723831BA2F1E33793B280570B2432
                                                                                                                                                                                                    SHA-256:469CC7017A3DEAA57E5AD77F67D92C49730158D4CDD3D4CE4A0565916B4BF046
                                                                                                                                                                                                    SHA-512:B099EADB5AADBD45B9F20089D77C16953F56475D03C84A8B1F1BDF44E6E2A85163252634C060EBEA5B047C85BEA1A4CD625C850CD75AB7B82E2888690C52868C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\TextFieldStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7608
                                                                                                                                                                                                    Entropy (8bit):2.945721817013744
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:tr0lubHuJNimVpxNEkx2B0nQq82oFu9ndvHhOMP:tYlubUVnW0ntdvHhOMP
                                                                                                                                                                                                    MD5:0284E4A0B1D2A6304FC88F0713B13106
                                                                                                                                                                                                    SHA1:14D5D465EB05CE73BAE022F335A99FB90282EF15
                                                                                                                                                                                                    SHA-256:9CB9880F8DDE6F6C8AA9BA41051442AFEC0226203A4A618EAD6D82CBC9E582F8
                                                                                                                                                                                                    SHA-512:ACCA0037068C9ACDBBB8D3BF13F7E6ECE0C6F1BB78D912ACF952355A9F88D3062640BDE6054F3263435C6B03534F46EEDEBA66B9C19783AD2B8C8BDD4C253383
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata).....................................................................[.)..dU;.....:................#...K...................8.......8.......8...$...8...............................................................................................@...............p....... ...p...........`...........H.......c...p.......................................................................S...............3...3.......P...@...c...s.......................s..................................................@...............8.......8...............-.P.................-.....:.....@...............8.......8...............5...................5.....:.....@...............8.......8...............6...................6...........@...............8.......8...............7...................7.....:.....@...............8.......8...............9...................9.........:.................@...............8.......8...............;...................;.........:.................@...............8.......8.......

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ToolBarStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2560
                                                                                                                                                                                                    Entropy (8bit):4.895624359026673
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nC+V4FoTtoKNTfM:KogUldGcQWe4FqtooA
                                                                                                                                                                                                    MD5:C00750A748AAC07D2EE770633A1D1977
                                                                                                                                                                                                    SHA1:E33BADC9EF8C258828F19FEC2BE808F86CBE43C4
                                                                                                                                                                                                    SHA-256:19A1F65314D130633F132DFCC0632767870946EDEC1EC3094D77C7EBF1DEDEA2
                                                                                                                                                                                                    SHA-512:33FEF4B179D1BBB6E6559FE4948F1A522E6D8CB08D6B291893A2E3132047E1F0CB0CC5C5849E571B836033B65D7D5032304B9237EBCB13BF88E14949610C578D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ToolBarStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2784
                                                                                                                                                                                                    Entropy (8bit):2.626590861262889
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:wsYRSmvdlJHOrximKq8tmqyrA4h0FrQgU5f:GtlJuI7XtzwX5f
                                                                                                                                                                                                    MD5:2E993C2909569803612A76520D4E5E1A
                                                                                                                                                                                                    SHA1:E0BE0113773F855B9EC14D2556D9F3FB98AD611E
                                                                                                                                                                                                    SHA-256:4EEB525F050A3D542E8968976C4D779B20C453FDE07409AF9E336D1B2C8B4832
                                                                                                                                                                                                    SHA-512:A85BC3EE79B021FE7A07F5A4F5B49432448DD89C89231A8C013E52E49A359D492CBF1C2FC63501367D8087C6FE40FCD503559D50E6284DA902ED6A4FF6F5D5CA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...................................................................oI.-...?1`..0.B.................#............................................................... .......@.......@.......@.......@.......@.......@.......@...................@.....................................................................@...%...........8.......8...............6.P.................6.....:.....h.L...H...:.....h.L...H.........@...............8.......8...............<...................<...........X...x...........0...X.......................`...................8...`............... ...X.......................................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s.................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...P.r.i.v.a.t.e.................................S.t.y.l.e...............................p.a.d.d.i.n.g...........................l.e.f.t.................................r.i.g.h.t...............................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ToolButtonStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2679
                                                                                                                                                                                                    Entropy (8bit):4.817998343273068
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nCsPeT6L/jx:KogUldGcQWOPeEjx
                                                                                                                                                                                                    MD5:BCFCBFBD6E6B859D0022AC47C639A698
                                                                                                                                                                                                    SHA1:2516F4A662B412923F9C2EAD0B5865E5E0D3CA35
                                                                                                                                                                                                    SHA-256:EAB8AA6660AFC600BB4638790DEE761289226F376DEC5048FF1322CAE9962EA8
                                                                                                                                                                                                    SHA-512:7EA78319472B7ED0D5BD2C93A9C1B5B922F39FFD668D666BB7CEF3CFDF8742EE0B819C2D2C830079D939F01F5078D37E5C71CA6323C0ECE4BCF0CD099A1A0BF0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ToolButtonStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4156
                                                                                                                                                                                                    Entropy (8bit):2.8127110525476646
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:MtAT2ZZzRevfvSfIOVFsmJ/io9EiMKGR6YCKB9QnD:MA6vRIfvSfIO330KMCKB9gD
                                                                                                                                                                                                    MD5:FDF627DA1717262C0D5B58580E18B2A7
                                                                                                                                                                                                    SHA1:53727EB9CCED3C5C289122B6A7971F9A1AA971D7
                                                                                                                                                                                                    SHA-256:ABF0305D9234E2C150F75B1BA0FF2EFCE586CF4AE1996D5C8D84049180E7C064
                                                                                                                                                                                                    SHA-512:E8198F3719E4DBC8E565EA25E6C724BED5E5F95046AD78343819F54D91054A02C84260C33860ACB31400D21211EAA2808DF6FADC57A38050540DE973980E1507
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............<........................................................x...d~JU.o.................#...,...h...........................................................................................................................................@...........(...p....... ............................................... ....... .......0.......@...............P...`.......p...........................)...*...(.......@...............8.......8...............2...................2.....:.L...:.......@...............8.......8...............3...................3.....:.....@...............8.......8...............4...................4.....:.L...:.pL...:........@...............8.......8...............5...................5.....:.....@...............8.......8...............6...................6.....:.....@...............8.......8...............7...................7.....:.....@...............8.......8...............8...................8.....:.....H... ...........8.......8...............:.......

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\TreeViewStyle.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2851
                                                                                                                                                                                                    Entropy (8bit):4.83490362938184
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nM+AvKufXjLOH:KogUldGcQWtvrOH
                                                                                                                                                                                                    MD5:6F7FAE0B08A85CC48443CD6C2A0AD367
                                                                                                                                                                                                    SHA1:E668B85D9524862BB0C849239C4E9F20F9610D41
                                                                                                                                                                                                    SHA-256:F25F4D88D7E91A642CF1F1484290398A6FBE56CA30E8D2641674FC2AF95BE28C
                                                                                                                                                                                                    SHA-512:E975DF2161991FB789AAC30CE1B5C42B55FB7C0E039377793F3A09F1A668C531431A916CC9046254EAED0D234D93939FD4E808F2E92E337C24F9FF35F559A0C8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\TreeViewStyle.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3740
                                                                                                                                                                                                    Entropy (8bit):2.9289245979676926
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:m42MMZY3ZMnGjfoJHzVFbUHbqpW8lGFvW8lnuLC2q48lnK2VG1l0e:mllY3Z4aQJHz+55uLJ8lnKnlH
                                                                                                                                                                                                    MD5:8FA30BB8BA6F81D312864C20D62D16CD
                                                                                                                                                                                                    SHA1:BE20DB07B36DC3A209A62EF4DE8B2AEBC1EF9687
                                                                                                                                                                                                    SHA-256:4F59547BF507D37C5513BF8EA09009210CAD58625465270C6FD88A4C3EFFBF75
                                                                                                                                                                                                    SHA-512:B4C0B842E7D6B38541992CE4A90D0849AAA73B1745708ED128ADFE5F33BC2E1F144661F7962651FC12661421F74F678BE46BAC29DC681F83F7BBCBF2C4C057A0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)....................................................................X.o.b....n....................#...'...................................................l.......p.......x...............................................................@...........H...............................................................s...............s...............0...P...`..............|.......................P...............8.......8...............5...................5.......7.......8.....:.....:.L...:.p...............@...............8.......8...............9...................9.....:.....@...............8.......8...............:...................:.....:.....@...............8.......8...............;...................;.....:.....x...A...........8.......8...............=...................=.......>.......?.......@.......A.......B...2...C...=...D............. .......>....:.0!..0".....$.........:.0%..:...0&......................................P...p...........(...P...p...............H...h...........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\qmldir

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):72
                                                                                                                                                                                                    Entropy (8bit):4.323595876865264
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:SkR5JsRomvBAWQoAw:GAho5
                                                                                                                                                                                                    MD5:5BB63258D01ACFC40E4594162F0A82C3
                                                                                                                                                                                                    SHA1:565D8441B24D8780934A9DD477A10AF102DB1FF0
                                                                                                                                                                                                    SHA-256:55453E2272C4E35AF64C697A91EE082872A33739E88F9BF18E8128C5AB3BC4CE
                                                                                                                                                                                                    SHA-512:74B9A8C62FFCB21C29D48A3CDC0D7EFD2F5CFAC8CEB55C1B6CF0EFCC97730DC3DBA1642EA26E0245C41CC8FDDF10AE97BA12EA3B6388DEC734F8763BAD6A1211
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:singleton RowItemSingleton 1.0 RowItemSingleton.qml..designersupported..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Flat\qmldir

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):126
                                                                                                                                                                                                    Entropy (8bit):4.704713117740268
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:3BV9NKBiA/A6UR7ElXMLovyWmopFRPlDMexR9bVvn:xVfQiAbUNkXD8oDVlMexVv
                                                                                                                                                                                                    MD5:423C1712AA394DBE84F5179B52B1A261
                                                                                                                                                                                                    SHA1:49C875E36D792C01364191C9D236A5A3D3A25186
                                                                                                                                                                                                    SHA-256:A84A08BB95A702C80C249681B7C0E6F42173FEA619124961243F4804ED6CDA70
                                                                                                                                                                                                    SHA-512:C7CE34D2B67E9B2B74848F28648B3781FE3158B9D27FF309179712B4A16E8028DFFE5818C5E21D082816557EE3E29CCA5E182D81B7B7B44C30C760977DD2A1D8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:module QtQuick.Controls.Styles.Flat..plugin qtquickextrasflatplugin..classname QtQuickExtrasStylesPlugin..depends QtQml 2.14..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Flat\qtquickextrasflatplugin.dll

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):829936
                                                                                                                                                                                                    Entropy (8bit):6.686405917211323
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24576:R8gIwhCNoh+JJ9f9VhCNoh+5i9FrIJJpCNoh+7z:RY2UJ//UioGz
                                                                                                                                                                                                    MD5:23558F14A566B5C924E830293C4B5C61
                                                                                                                                                                                                    SHA1:4CECEE41DAC3AECE17B6EF56140D87DEAC595F8A
                                                                                                                                                                                                    SHA-256:978D3CEE3ACF87250A64545D23724860D354CAF97985119E7FCB26DF350A0D4F
                                                                                                                                                                                                    SHA-512:A5405E32336648C1DCEA70B505FA74E09CB4E00CEB4CB6C4DA3BE56328AA4C2F8645766CCDE8F269122A92FB71EEED04F209F04B2DE1268709FED1BFA98087EE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........Tg..5.N.5.N.5.N.M.N.5.N\Z.O.5.N.^.O.5.N\Z.O.5.N\Z.O.5.N\Z.O.5.N.E.O.5.N.5.N.5.N.E.O.5.N.E.O.5.N.E.N.5.N.E.O.5.NRich.5.N........................PE..d... .._.........." .....<...T......HA.............................................../....`..........................................n.......n..........`.......................t...8]..T....................^..(....]..0............P...............................text....:.......<.................. ..`.rdata...<...P...>...@..............@..@.data................~..............@....pdata..............................@..@.qtmetad............................@..P.rsrc...`...........................@..@.reloc..t...........................@..B........................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Styles\qmldir

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1575
                                                                                                                                                                                                    Entropy (8bit):4.8088919366233815
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:AM0yAwQYdlyGUG9yHg9olJ6DIqrOirQorA6aAUDTQdiCH9BtAH4oeDvXFWdlvZda:ey9y6PAJGIqqiEoU6LUDcEeHy6WXva1F
                                                                                                                                                                                                    MD5:413DCF3E49E01CA487FA65136C6FB0A9
                                                                                                                                                                                                    SHA1:51AA584ECABFC23F38B8C8E9C45ED820A7F404B7
                                                                                                                                                                                                    SHA-256:7BB94BCC9FA7D849C10ED84F476AD7951A61D48FE8F78ED5201956419D38D05C
                                                                                                                                                                                                    SHA-512:999E3ADB3F09CF70140B45DD4B8DB2C524974DEB5826D309419FC995A3912A7DF439FCEF121C28D5BA5FA36A1C0D10A3C9289B6B948C7FB8656BBF20E7992519
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:module QtQuick.Controls.Styles..ApplicationWindowStyle 1.3 Base/ApplicationWindowStyle.qml..ButtonStyle 1.0 Base/ButtonStyle.qml..BusyIndicatorStyle 1.1 Base/BusyIndicatorStyle.qml..CalendarStyle 1.1 Base/CalendarStyle.qml..CheckBoxStyle 1.0 Base/CheckBoxStyle.qml..ComboBoxStyle 1.0 Base/ComboBoxStyle.qml..MenuStyle 1.2 Base/MenuStyle.qml..MenuBarStyle 1.2 Base/MenuBarStyle.qml..ProgressBarStyle 1.0 Base/ProgressBarStyle.qml..RadioButtonStyle 1.0 Base/RadioButtonStyle.qml..ScrollViewStyle 1.0 Base/ScrollViewStyle.qml..SliderStyle 1.0 Base/SliderStyle.qml..SpinBoxStyle 1.1 Base/SpinBoxStyle.qml..SwitchStyle 1.1 Base/SwitchStyle.qml..TabViewStyle 1.0 Base/TabViewStyle.qml..TableViewStyle 1.0 Base/TableViewStyle.qml..TreeViewStyle 1.4 Base/TreeViewStyle.qml..TextAreaStyle 1.1 Base/TextAreaStyle.qml..TextFieldStyle 1.0 Base/TextFieldStyle.qml..ToolBarStyle 1.0 Base/ToolBarStyle.qml..StatusBarStyle 1.0 Base/StatusBarStyle.qml....CircularGaugeStyle 1.0 Base/CircularGaugeStyle.qml..CircularBu

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Switch.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5331
                                                                                                                                                                                                    Entropy (8bit):4.7535262271796865
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:KogUldGcQWtqJOuPhnGpgFFbVlCidcJhh2Lzprr:KtcGCqJogJkidcfQprr
                                                                                                                                                                                                    MD5:CA3D8928B9CEE6FA5F816B955E4BAD91
                                                                                                                                                                                                    SHA1:1F260D64D2ABFF2523276C9640411EAD735AABEF
                                                                                                                                                                                                    SHA-256:B13AB37C9E463A9CF8E54EC49227D0D9BFC1E2305AC633C52101B1EBC1F764EA
                                                                                                                                                                                                    SHA-512:EBFFE62093E5C826A466C95475051E70E460849F99B6D4B8641A464432CD16FBB3DC6E9C3FAB9A95EC04D89056BFA1313BDBBF6860B80E6AC8F74E34CC4BB0A1
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Switch.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7648
                                                                                                                                                                                                    Entropy (8bit):2.994879476237304
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:YS5LglOqBc4eHuZJbQQe2FasN7PVddXMy93xrRMr62rNJ6uViPOB3hdi:Y2glNFeOUqRrghxJ65Pg2
                                                                                                                                                                                                    MD5:42D8B81469FA2FF2FB06ED45CD0AAEBA
                                                                                                                                                                                                    SHA1:40E10A44B8B5264B7EC7E58CCC84A75C5CEBA706
                                                                                                                                                                                                    SHA-256:0A25C167264EE2D66934CEB73B09BBE135C7CA56160750B5E2B721A7FE5A26A7
                                                                                                                                                                                                    SHA-512:25D7EED986CD5A7CA099E919F70B33E32FEE910F87D30CBE2C04232503B67E7DF104192E302555327161415AC34F3743FEA21AE0CABBC9E57441E142FACC8ECF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata).....................................................................?...7B..M._d..................#...H...................8.......8.......8...=...P.......D.......P.......X.......X.......X.......X.......X.......X.......X...............p...X.......X.......@...................X...........8...............X...h...x.......................S...`.......@.......@...c...............`...q...........@...S...............................c...............`...............S... .......0...C...p...........@...c...............`...q...C...p.......S.......C...C...S...`...c...........p.......................X...............8.......8...............r.P.................r.......s.......t.......u......L............................X...'...-.......8.......8.................P.....................................#..........:.L...:.....L...:.H...:...>..................@.......5.......8.......8.................P...........................:....:....................X...$...........8.......8...............l.P.....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Tab.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3001
                                                                                                                                                                                                    Entropy (8bit):4.819287574242073
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9b1MU3w28oAjlCp8jSj:KogUldGcQWC5LOlCpwc
                                                                                                                                                                                                    MD5:AD45F17A9C359302CB783D120C735607
                                                                                                                                                                                                    SHA1:DEAC44C363B03E2FBAAFD698DB86C9D9CBD22F70
                                                                                                                                                                                                    SHA-256:498A7572ACC1A285857798648F3FEEAAC77364555573AD7225FB2A949A0539F3
                                                                                                                                                                                                    SHA-512:5F0B2C6CFE00567A1DC58BC4C51091223E3862FFD6B4AC513999E05046E6B063796769EF13B2916F71C7F80575D4B6DFB654FF439BF9230EAA14077CC17355C2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\Tab.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2212
                                                                                                                                                                                                    Entropy (8bit):2.657155308312814
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:rP/RocNm/nkFmZYIv+pUFNpOlzfTvDooD:LCcNuk2g67OZfz7
                                                                                                                                                                                                    MD5:E351D3C1E048FD1B3FBA387970E5ADD1
                                                                                                                                                                                                    SHA1:36F42B16DB2BD49931BE097CC81CEA51E05C4333
                                                                                                                                                                                                    SHA-256:34B8573539273F482E32CF2E15AD38C79EAC59842B8B91C61F0172F69DD1CF77
                                                                                                                                                                                                    SHA-512:23C952E584D777C93B518E2C989B6E1C2FF2F24B935C0B0CAC2C96DADDCD14CA0FB0AF8745B5EFB89D9042BE03335DF772E1AD2BADFF2CC3654B7E03DBBD361D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...................................................................O.w\'.......h_:................#............................................................... ....... ....... ....... ....... ....... ....... ....... ...............h... ...x...............3.......@...........@...............8.......8...............R.P.................R......L....0...............@...............8.......8...............D.P.................D...........@...............8.......8...............L.P.................L.....:.....................p...................(...P...................@...................P...............8...............................................................Q.t.Q.u.i.c.k...........................L.o.a.d.e.r.............................t.a.b...........................a.n.c.h.o.r.s...........................f.i.l.l.................................e.x.p.r.e.s.s.i.o.n. .f.o.r. .f.i.l.l...........................t.i.t.l.e..............................._._.i.n.s.e.r.t.e.d.....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\TabView.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):10775
                                                                                                                                                                                                    Entropy (8bit):4.555931669004076
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:KtcGo4BkD2rdt4uI+t2KD31+F74u3h1zcO04SV22TNQbNqcefu1IucX6:RGo4v4Xaz24u0faWducX6
                                                                                                                                                                                                    MD5:21A3BD0847A872DEBB82D5EC259822A6
                                                                                                                                                                                                    SHA1:71A53D4F9C9881B97E9E6131883C7928DCA44FB4
                                                                                                                                                                                                    SHA-256:6D075D592A118CABD04880B806813D447DD8D38B61282A6305D2B6D8CCE2A1F1
                                                                                                                                                                                                    SHA-512:3BA9EE580EC217A4397FDA16B77FDCB5842D4DF5D843A441EB0E71782BDA6DA4A3D468967048614C311AB41A3CD42D6211F31C0BBDE23B904482558343423F8C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\TabView.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):16284
                                                                                                                                                                                                    Entropy (8bit):3.1848641307639
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:djMuR7GnA8XGNK95R0rEmUmthYV8VS40Q7nLW0HwGLeLEjKX:tMuRsAT0+VhCGjS0QGKL1X
                                                                                                                                                                                                    MD5:28B2CC31C1C618827D2B7E0D8F15BC48
                                                                                                                                                                                                    SHA1:11C8741E75081682DE7F3AA9F3BB6B6428D7C913
                                                                                                                                                                                                    SHA-256:6D26F466D59E5BF33C833432CB9A9397C99D8C4D55F0E15FCC466C0ED7C532C0
                                                                                                                                                                                                    SHA-512:CAC87DE938CE347B9CB360BA1F11AA9AF057D814EC5290167313D4556CA341C2B0B03293EB05581A8B785B7EE761C26AF72F05DBF6D53238426DF94777344EE8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)................?.......................................................V...F..#...................#...........*...........................................T.......`........................................................................2..........0.......p....... ...........0...........x.......p...........H........... ...h...........P...........H.......8.......8...H...........P.......(...........(...p................................... ...........S.......0.......1.......@...a.......q...c...s...........P...S...............s.......................................................P...............S........... ...s...................................................P.......1.......S...@... ...S....... ...s... ...S...@...S...`...............S................... ....... ...P...........`...#.......s........... ...................p...s...................................p...s...................@... .......`...................a.......q...................@...................s...............

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\TableView.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):11555
                                                                                                                                                                                                    Entropy (8bit):4.508062969601809
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:KtcGatGcaCIsEeVsAKajWjzfjHNhYjhjEHWgjJAStuKznjnHXbjtxtJt:RGG2CIDe66iHgNGFAg9/Jn
                                                                                                                                                                                                    MD5:A03F6048F017119A2EBDD73699108DDE
                                                                                                                                                                                                    SHA1:801B5E265790085FDEE815A796BDE28230D59915
                                                                                                                                                                                                    SHA-256:10B4650B6196482B2217C5593A1B702E1E85E67B58769D685314C7086E866CCD
                                                                                                                                                                                                    SHA-512:6468E846450D98779D857E8D7413E0D2B5A42CF68ACDC9E63336EBA3FF609754EA252CBA8F3A77F8971783FE2383BBB47EB22BA9A6D20399466E2AA392C8B95D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\TableView.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):19824
                                                                                                                                                                                                    Entropy (8bit):3.363986884444094
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:CV8Gmwoetd3NuO/WpQvti6HhsXgntJYMHzlGNFVfY/CFenJVSVKXNP1HjBmhxuh7:CV8Gmwr3NKpQvtpHZ3YMHoIoSTB556i
                                                                                                                                                                                                    MD5:B31656A1428AFBC85E7A371CDE29E6AE
                                                                                                                                                                                                    SHA1:B4CAB4585505B29FFA85B910447585A8C7AA3D0F
                                                                                                                                                                                                    SHA-256:7EB42586498942E1CB09A4C9735A461285E4A3355E030FF6F46A54F45B331047
                                                                                                                                                                                                    SHA-512:211799282120A53F5ACF437FBA855361E92C70E72DA0E39327F28D9EBECB3FEFA01D0366433620784D34FDDD01C9A733E2D0CA5E6C750E6B43D844FB6D2563DA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............pM..................................................;..z[..o....I.3.................#...........%...............................1............................................................................................C..........h.......P...........0...x...........P...........................................(...........`........... ...........@.......`...0...X...........................................(...8...H...X...h...x.......................s...................`...p.......#...#.......s...0.......P...........`...s...`...s...p.......................0.......................................................................#................................................................................................................... ................... .......0.......@...S...........0...............`........... ................... .......0...........0...s...........s.......s.......S.......................`...............#...................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\TableViewColumn.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6804
                                                                                                                                                                                                    Entropy (8bit):4.758090724415883
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:KogUldGcQW6Gze7Kur0wamqRNjjpLAPzH7Xe8LQL1:KtcGoS7n0wfqjpsPzVLQR
                                                                                                                                                                                                    MD5:114CE7CFC7900F90D9D333963F1FA5CA
                                                                                                                                                                                                    SHA1:F71D8F3A7FCFF316B43A381A300A9704ED96F81B
                                                                                                                                                                                                    SHA-256:AD07F5FB3B72791C0AECA0FE44707CAEC017FDF036B54DFD661D862CA285338B
                                                                                                                                                                                                    SHA-512:0889FF45093FCCFA32ADCB4D8C67D9FCE7DBCD4FCDF7B8B63EF934AB5A896B1DA51C2F24069245802AF4C8974450F37AA1C180FF7B2184389D0AA7D16AAD5689
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\TableViewColumn.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3940
                                                                                                                                                                                                    Entropy (8bit):3.2291025294249343
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:2Ab0242pmtVJnfUweyKaHSXBCqZKahJAaAuRaxNd6Iaa6fgw1/Kc:vYl3O3ayxCSnV/Rard69/f
                                                                                                                                                                                                    MD5:045FB67572F5A375C1B326B92AF256DC
                                                                                                                                                                                                    SHA1:A4A2624A33D20882B3757D957E99AFDB8D0D0C7F
                                                                                                                                                                                                    SHA-256:6D6A841F0867F30FD2771E6A5DEF7F89C09A6DE7302761D59FEB86B6F521804F
                                                                                                                                                                                                    SHA-512:6B0A3970A3F9C17A3707B09EA6C029ED5AC34B7F59C83CD7D23997ADFC16F5A6785B811FC744950B680BF47DB8C3AD51CBE0B316B3E8D074E7BE9DA9F3743FDD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............d...................................................pCf.Pd..vt.W..8................#...).......................................&.......................................................................................................`...........C...C...`...C...p...............................C...........S...C...........C...................................S...C... ...S...0...@...P...s...`..........................@@... ...........8.......8...............T.P.................T.....L...:.....h.L...:.:.H.........@...............8.......8...............m.P.................m.....:.....@...............8.......8...............y.P.................y.....:.....@...............8.......8.................P.......................:.....................8.......8.................P.............................................+.......?.......C.......K.......^.......{.......}...................................................................................................N...D.....:.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\TextArea.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):36631
                                                                                                                                                                                                    Entropy (8bit):4.4780442352754575
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:RGCsrfpOCQSMCPcc1BjenOjPrvGU5qkV3G6QIwtr6S:RGCCLF1Bj6Er+UR3G6QIwtr6S
                                                                                                                                                                                                    MD5:B7C419EBBFCB12ECD1A01B7863F7C2BA
                                                                                                                                                                                                    SHA1:B188CE06FAEA8BDC846DCF8B3E8CCDCD4940AFB3
                                                                                                                                                                                                    SHA-256:FE67CE4601E82B4954EC6E3A7E6AE91367AAACA41565C09405236E065C9E50D6
                                                                                                                                                                                                    SHA-512:27173C32C6359E75C5AA11E698F08FD6C51CC43891DFD54FB7CE34152B236ADB64EC03686421C2881030BF4232665947223BA2797BB2EE54FF5FADC1F599832B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\TextArea.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):36040
                                                                                                                                                                                                    Entropy (8bit):3.374796255243882
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:xf7xnjIGFAx14l5ycApCuZIdlgzsUeoWgkHJJ9r/pNDF:l7RjIm5yDCuWdqzsUeomHJ/r/bDF
                                                                                                                                                                                                    MD5:C35DC6D7BAF76B3493B6E79275415A59
                                                                                                                                                                                                    SHA1:B2A6F29FD93573C34DE54A11269115A5B5308AA1
                                                                                                                                                                                                    SHA-256:B6EB7EED20FB5FB25748F4B735806B26B5F84705D9FAD73FC4D42F0F8C998E13
                                                                                                                                                                                                    SHA-512:F21AEF7581D7A59BE73D9D5B0CF957CFA1497CD6DA43F4AC2F633414F07A04AE94DADB4C740068774D08B445783C0B736F9EA46D6E79664113F3AA5CE3E73082
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)..................................................................E0F....|..O..................#........8..c............................................................................................................................x......H...........X...........h.......8...........`...........p.......@...........H...........8........... ...`...........P...........X...........X.......X...................@...0.......x.......@...( ...!..`!...!..."..X"..."...#..`#...#...$...$...$..x%..p&..x'...'...(..P(...(...(..()..p)...)...*..x*...*...+...+...+..8,...,..h-...-.........../...0...1..H1...1..(2..x2...2...3...4..`4...5...6.. 7.. 8..08..@8..P8..`8..p8...8...8...8...8...8...8...8......P...................#...#...@...1....................... .......0.......`.......p....................................................... .......0.......@.......P.......`...S...S... ...c...`...................@...#.......................c...c...3.......................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\TextField.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):23187
                                                                                                                                                                                                    Entropy (8bit):4.601892640300788
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:KtcG4ZAH+wlOXXPbyICpFy440d/nAS3JLzQ5zfKN3h1gdF0qEhPNq+tppmGjheDG:RGffwkIsV3huEhPNTtTeOp
                                                                                                                                                                                                    MD5:438230E5EB067351815803354B75CECD
                                                                                                                                                                                                    SHA1:C1D8DA8AFA9D7BF54347A614C3E10F7B119013CC
                                                                                                                                                                                                    SHA-256:0A5EEC9E6BDE5A318D695351EAEA1187929D08BD9616672290CEFB42B784B27C
                                                                                                                                                                                                    SHA-512:E271F00985D6EF691F4D5C24767DD27623C311D375FCFF20CE5F265BC4937CDF7430929C6AFC7C04D6B01694BD149622C39A2BE7A2302301FDEB5EAA4BF40580
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\TextField.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):17192
                                                                                                                                                                                                    Entropy (8bit):3.1463596315426714
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:+dx6PxQTiRxoxjHIvw5hG1SQSrVs4RRzRdfZXu+iKfWAH2xdesg:+dpCB1is43fZCyvHEesg
                                                                                                                                                                                                    MD5:C9BB561D821BA37306ED6324FFD43446
                                                                                                                                                                                                    SHA1:820C5BD9950CE2935D4850442DD6E1CD014AB2A9
                                                                                                                                                                                                    SHA-256:1E56FF3A4417097C8322B86810BE7B8217C510C9CAA35A6C1ED0F310262D25A8
                                                                                                                                                                                                    SHA-512:7579E6702558128641CBEE23984E03824FE33C752A155EC7B92DC0B06A5BFAAAF6EB6D87C5BD4261859899C042A04E0BE53D285BFE5EF17AE1260717089E82BD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............(C.........................................................4.....................#...........2............................................................................................................................8......0...........0...........X...........h.......H...........P...........X...........0...x...........p...........`...........h...........`...........X...........H...........@...........0...............h...x...s.......s...........s.......s.......s.......s.......s...@...s...`...s...p...s.......s.......s.......s.......s.......s...............`...s... .......C...P.......C...`...#.......#...p.......s...P...s...`...s.......s.......s.......s...`.......................3...................................s........................... ...0...........0...........P...S...........`...........p...........P.......P.......................3...........................S.......S...................................................0.......S...s...............@.......

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\ToolBar.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7444
                                                                                                                                                                                                    Entropy (8bit):4.556868420703673
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:KogUldGcQW9Cs7WWD9z0vqArXxKA/k+PSAdl+f27qUhr6+LnQv1huMmunh+NNMXv:KtcGR+55YCKc8HQ5v3T+NNq
                                                                                                                                                                                                    MD5:C07E4147051E16985F5131A5430A8930
                                                                                                                                                                                                    SHA1:67D261B5394136DDF95649B8186AF3C7106A1118
                                                                                                                                                                                                    SHA-256:A6FDBF00896B66B912C84BD84394637DC418C7B25533FDEE13CDF2C0C530809E
                                                                                                                                                                                                    SHA-512:675B1D5B681E2EFAF45F30BE1C8335CD419C8770B26E701C9E275075968BF811CD8131FF405A474905A67E4B1EC2C5E35C831D6FA8ABD178FD2915FB3A39FDD8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\ToolBar.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):11004
                                                                                                                                                                                                    Entropy (8bit):3.1336157578863904
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:HwWZ1ZQzRpkjxxW2R7dbJstc/tHfAQ7fzk71lEbBh7T+sYSLk8Namo2RCbc:XARpk7R7dH/wAP+sYSLoOic
                                                                                                                                                                                                    MD5:78D5C89232DDC47C82D362AC0AA62258
                                                                                                                                                                                                    SHA1:33C3500ADFEA77099931469795F40C3AADFBC728
                                                                                                                                                                                                    SHA-256:7685E541B425EB8FFA3766E9B61C379508256FE483C27BBBB2C8AB92B1F7F818
                                                                                                                                                                                                    SHA-512:48C4F0CB55D35CC128AE1F854E53CEEF14B71F0FB27BC1C4445253F41FD5C6B5C0424F67FAD0EFACE1104963709D7C11BB0B9459F5A976A6C6F871FC5FB953B4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)................*......................................................a..g.......................#...\...P...............l.......l.......l...}...p.......d.......p.......x.......x.......x.......x.......x.......x.......x................!..x.......@...........`...........`...........8........... ...p...........p...................X...........X...........@...............................p...................................p............................... ...............P...S.......3.......s....................... ...........0...@...s...P.......P.......p...........S.......S...p...P...s...s...`...p...s...s...`.......s...s...`.......s...s...`...P...........@...................................@...P.......@...........@...p........... ...............@...P.......@...p.......@...........s.......s...3.......3.......s...............................1.......S.......................@...............8.......8...............d.P.................d.....L...:.H.......H.../...........8.......8.......

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\ToolButton.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3229
                                                                                                                                                                                                    Entropy (8bit):4.725674482574039
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nC+BD4pj4A9z0GWw:KogUldGcQWkDUP9z0s
                                                                                                                                                                                                    MD5:2DAA729A7973A06896E1ED0033FEA2E7
                                                                                                                                                                                                    SHA1:3ECD84596262AB298F07F75E0BC7A3CAAB5F44B1
                                                                                                                                                                                                    SHA-256:3D0FBEE00479A1D6FEBC3F47223F8902D371A59AF84F298C3FCD0D1326E2AE99
                                                                                                                                                                                                    SHA-512:45F5CC021A2CAF1E1751DFD2CDA447BB63960D97CC083F423B204F481B6D60B47F543C61DD5527741CECD868EB5B2F5563CCA7D09E0B19E16823FA96376845A0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\ToolButton.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1196
                                                                                                                                                                                                    Entropy (8bit):2.6504306526154524
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:0S6J8W1vCi7UNTcz3/jt/2I8Po8z5ZvDXmbwYM2/vVvEENubepl:0S6uWlCioNM3JLjCd3YM2/9MLber
                                                                                                                                                                                                    MD5:8E1528EF8E059500B7DB07BC8A8D115E
                                                                                                                                                                                                    SHA1:9E5F1A7BAE1FEFF94AE0CF21281F9725A7CFA188
                                                                                                                                                                                                    SHA-256:BDCD927D9E8E2B27E23D7E01A425A0F1BDC1619A85E3C8EA7A8A536B1A1ADC8F
                                                                                                                                                                                                    SHA-512:19302472C651431D56E405202977503FE3AA998FBEF5DDE7B8ABD81F445601B5D124B250174ABA43175EE0A031CC069EBD32D0D9EEB23E44B0630A8C7AF84632
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)..................................................................."..E|.,...=....O................#.......p...............................................................................................................................................`...S.......@...............8.......8...............V.P.................V.........:.....................................(...x...............8...h...................................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s.................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...P.r.i.v.a.t.e.................................B.u.t.t.o.n.............................b.u.t.t.o.n.............................s.t.y.l.e...............................e.x.p.r.e.s.s.i.o.n. .f.o.r. .s.t.y.l.e.................................S.e.t.t.i.n.g.s.................................s.t.y.l.e.C.o.m.p.o.n.e.n.t.............................T.o.o.l.B.u.t.t.o.n.S.t.y.l.e...q.m.l...........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\TreeView.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):17067
                                                                                                                                                                                                    Entropy (8bit):4.403605360211459
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:KtcGf54RK/P5LgNQL+n5GCVEHuCtJjrjPrVG0dQcAjNs0ThLvoajevjOwjCUJ842:RGzL+5hFeJH7rU4ahTF8qwAuCv
                                                                                                                                                                                                    MD5:E1FD1395D1F8E2FFA28F696FE0411622
                                                                                                                                                                                                    SHA1:FF7C276F0231781D0FA62859800DC95CFFB80AC5
                                                                                                                                                                                                    SHA-256:07BEEE0ADBA375BD9E9648AC6DFBE18A8FE3CE9DEA1BC56F3EFD2E017F2F7B9B
                                                                                                                                                                                                    SHA-512:75403629C1DE9C9E3E40B678DBBEA5FB2F4CE88AB022E5568BD33D4E173793BE81380ADAE21EF5442177A86D5DB10EB743064567C87AFFBD5DC4DF394F2DC802
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\TreeView.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):25496
                                                                                                                                                                                                    Entropy (8bit):3.4679868937552616
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:J8Mny7rLqsOBRPshRD/WsSbLOEhO+idO1SunGbFjLEIqHyA0AxdSON9KafcMiWeq:JnnLRBRyD+biEhpEunGayacMf6oNNF7Z
                                                                                                                                                                                                    MD5:38E3FC30388E7583D73BBCFC99E64799
                                                                                                                                                                                                    SHA1:013CB817E7CBDAD46DA324AAC5F248ED27D9417E
                                                                                                                                                                                                    SHA-256:552887A71B9EE8DC3917569757270EAF484A433ABF43443F45935ABA871DD765
                                                                                                                                                                                                    SHA-512:9C8EC702CED65216372CC406591B77C33F5961D2543F6562185BE87017633EC2C86BACF167796C39E352C7EC0B106D0244B9A96E6650C73A267AC373CF690B7B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)................c....................................................-...k..R...i#f................#.......0,..............................................................................................................................`Z......8.......p...............H...........0...........0...x...........P...........(...p...........0.......x.......0...............@........ ...!..."...#...%..P%...%...&..X'...(...(..H*...*...*...*...+...+.. +..0+..@+..P+..`+..p+...+...+...+...+...+...+...+...+...,...,.. ,......0...........................#...0.......p...............#...0.......................#...0...........s...........p.......................................s...................s.......3...3...3...s.......P...s.......`...s.......s...............................................#............... ...........3...@...........`...P.......3...p.......3...........................................3...p.......3...........................P...............P.......................P...........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\plugins.qmltypes

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):157929
                                                                                                                                                                                                    Entropy (8bit):4.394855792362328
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:N5pg8X/dXiHasVeW+vrfAUmdR5xK5xO7MF4tXtXMzxo+3aM0XoXyQRcMGMQXv:N5pT/dXQ+TfAR43Pe
                                                                                                                                                                                                    MD5:B4A2ABC03607274408F92857B7BAB3FF
                                                                                                                                                                                                    SHA1:D271819DF46A7D17D37561132F56738DF8ED4A18
                                                                                                                                                                                                    SHA-256:9980DDEB8EBAB08CE397D99A543DC9CDC1E4964026EF9C73D6BA02FE43AD2DE3
                                                                                                                                                                                                    SHA-512:C897A979F60FE3A15BED54825DAE0EAA1CF9B831ADF3AF7B975BD0E4F27EAC8FD7E6E6F79FDC34D6FE996AD15B6FD4FF666CDE60DED0E878867BBF8794E4CC5E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:import QtQuick.tooling 1.2....// This file describes the plugin-supplied types contained in the library...// It is used for QML tooling purposes only...//..// This file was auto-generated by:..// 'qmlplugindump -nonrelocatable QtQuick.Controls 1.5'....Module {.. dependencies: [.. "QtGraphicalEffects 1.12",.. "QtQml 2.14",.. "QtQml.Models 2.2",.. "QtQuick 2.9",.. "QtQuick.Controls.Styles 1.4",.. "QtQuick.Extras 1.4",.. "QtQuick.Layouts 1.1",.. "QtQuick.Window 2.2".. ].. Component {.. name: "QAbstractItemModel".. prototype: "QObject".. exports: ["QtQuick.Controls.Private/AbstractItemModel 1.0"].. isCreatable: false.. exportMetaObjectRevisions: [0].. Enum {.. name: "LayoutChangeHint".. values: {.. "NoLayoutChangeHint": 0,.. "VerticalSortHint": 1,.. "HorizontalSortHint": 2.. }.. }.. Enum {..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\qmldir

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):212
                                                                                                                                                                                                    Entropy (8bit):4.668721562194963
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:3BV9NKF7eURCNPdMcvyWmopCxKdz+RLV06qWoZAhoAcRSfL8SFzSnRSqRHyQR9bF:xVfy7eU9e8oIQ+keSAhowPJ3qRHy+Vv
                                                                                                                                                                                                    MD5:A6CE84D84B95B99795330156F2B48C4F
                                                                                                                                                                                                    SHA1:8530263B6C0E61B715673C77BB2F8E55C51B2AA0
                                                                                                                                                                                                    SHA-256:DFBD5CB07BDDD1A2342B82A442CD4A4504D87D04DF79F3083BBA3A031888BE3E
                                                                                                                                                                                                    SHA-512:0979B08FCB1EC0D7589C3A80F0B24EA77817476D6AFABB9E5F63B8A07BF2F3F3D902695514CB3696F11DB210E1CEB6172CA0B878D6BB366DDD8169B009E9A83B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:module QtQuick.Controls..plugin qtquickcontrolsplugin..classname QtQuickControls1Plugin..typeinfo plugins.qmltypes..designersupported..depends QtQuick.Window 2.2..depends QtQuick.Layouts 1.0..depends QtQml 2.14..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Controls\qtquickcontrolsplugin.dll

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):337904
                                                                                                                                                                                                    Entropy (8bit):6.17445886758817
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6144:ERtHRtRs6BjOUGY4YBuFtZLy8ODPTVeVlPJa0S5aXTZjDGog:MxTRKUGjf6og
                                                                                                                                                                                                    MD5:DCFFF1747BB8E7A2C6497DF0A4E5EE8E
                                                                                                                                                                                                    SHA1:8BAD65CC7DCF4C4B9EC0473F22D251E8661D140E
                                                                                                                                                                                                    SHA-256:2EC497AC8AC4814ED4CEE6BF7DAEB15A6DEF7857DCEC6BF290446B125ACD5AC1
                                                                                                                                                                                                    SHA-512:10AC1D163900FB03D7B8B11D45113E5A326B653775B5275EA92C35359B17E7F8CAD6636BAAD77C1F660E7439B6262ED6147B6A167E6FB915E890DA9AF9317749
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......../.O.N`..N`..N`..6...N`.E!a..N`..%a..N`.E!e..N`.E!d..N`.E!c..N`..>a..N`..Na.6L`..>e..N`..>`..N`..>...N`..>b..N`.Rich.N`.........PE..d......_.........." .........2...............................................P...........`.........................................0-.......-.......0..`.......d/...........@..........T...................`...(...0...0............................................text............................... ..`.rdata..^...........................@..@.data...x"..........................@....pdata..d/.......0..................@..@.qtmetado.... ......................@..P.rsrc...`....0......................@..@.reloc.......@......................@..B........................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\DefaultColorDialog.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):16805
                                                                                                                                                                                                    Entropy (8bit):4.024511905292934
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:iGjfVa31y7foQAOumdPjAa6rhLjm3ADpBUQwNLX:iGI2T1Nj
                                                                                                                                                                                                    MD5:4B200AFD3340E84B92381852B9C4D053
                                                                                                                                                                                                    SHA1:53B52803A2994A2FF56272CCA5AFE91896981B43
                                                                                                                                                                                                    SHA-256:29B816728E1B4450E7B50DDA9287D61052BCC265D178BCD1672C27FB1431FED5
                                                                                                                                                                                                    SHA-512:81824E7710908FCCD0CD74A08E328DAC56B5538FCA6E1011BA892B70D9AD945C8E879A2AB05DA2D0D0F494D9F9EBFA6B03F1F77D4AEA927984B2F5F6540328C6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Dialogs module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in t

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\DefaultColorDialog.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):38880
                                                                                                                                                                                                    Entropy (8bit):3.2464805827619645
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:v6a353NGODo8r6TgEAJQz0XxMQ2YOBEagi0sfiVixxKGAYonSc2UrLlfBYJE1rXD:CEwODo8r6TgNjUW55YJyEs
                                                                                                                                                                                                    MD5:78393AC836E08BDF68F2767F6BFDE95D
                                                                                                                                                                                                    SHA1:E04A2C3A6F88536A52CC6227D4823EB77A56CBC0
                                                                                                                                                                                                    SHA-256:89BC4BC32A679C1CC91C1DF0C5E38353D593447AA71EF4B15290643114A652CF
                                                                                                                                                                                                    SHA-512:795A7D17C00C2C640E67B1397973649565D6F0FD0D56CFC2A8EB0414E4975E4F33D1F46BF7DBC47A214E22F54C10070E53D3BB2070D8018151C6A3F3DAF14884
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)......................................................................,..t$Y.B{4...................#........(..N...........0.......0.......0...S...h.......................H.......H........................................................n..............@...........H....... ...h....... ...h...........P...........0...x...........X...............P...........0........... ...p... ...p.......@...........x.......H.......H...........................h.......h........ ..P ... ..(!...!...!..@"..."..."..0#...#...#..($...$...$..8%...%...%..@&...&...&..('...'...'...'...(...(..((..8(..H(..X(..h(..x(...(...(...(...(..................................................................................@...!.......................!.......3.......P...c...p.......@...3.......P.......c...p...........@...............0...........c....................................................................... ...3...C.......P.......`.......p.......P.......`...........................................3...............

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\DefaultDialogWrapper.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):8343
                                                                                                                                                                                                    Entropy (8bit):4.489736761557964
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:KacGuEXsd6q84cbBNUaf0DuH/ivxMoEu12C1q0E:iGuEXs47zjeU/ivxM7u12C1q0E
                                                                                                                                                                                                    MD5:6E9F9F1D9B0B3EC16B9DD0C8F21EA382
                                                                                                                                                                                                    SHA1:C0F1CC4C1142F60E4DB4795984DC03B5E43F1C3D
                                                                                                                                                                                                    SHA-256:09FDBDC3098BA77DD2261B8CD8FD83866D998EB9BFA9F685DA5C43FF78CE746D
                                                                                                                                                                                                    SHA-512:0350E72EDE7826AE537D2944EC1E6A6D07AD1A691109D4D5ECA01170C8E39CC8D08CCC909769795189B4A4035A30967DC001E0D5E041F6611AD80E0AD3B3EA48
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Dialogs module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in t

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\DefaultDialogWrapper.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):15744
                                                                                                                                                                                                    Entropy (8bit):3.242478824808993
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:4S9hxzIKchonZ/ZAsyzKvmR5W0D4RvVvTiqE2L:4S9PzItIRZAmGXDsvVLnE6
                                                                                                                                                                                                    MD5:96B7B4F9B18007661B17D0FD1BCCEBDA
                                                                                                                                                                                                    SHA1:DE6845A4BA235AE07327F0341619947273407FA2
                                                                                                                                                                                                    SHA-256:36EC22614F1D81F9E28B879A791A23EF5A7386707026EF18461D0792A654E846
                                                                                                                                                                                                    SHA-512:9C4F45CC63D81DAA18E2C6AA34895B4084ECD8EADAB4472E4847CE8718079170B8632C64F204F3003F70DD5A365C15F14DF7BC79EF59FBA13D0895ADB1C5CE57
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)................=....................................................?..5p.;l#..cH/................#...y...8...%................................................................... .......0.......0.......0.......0.......0................1..0.......X.......X...........@...................`.......(...........X...........`....... ...p.......(...x............... ...p...........`.......h...........................(...#........... ........... ...........@...1...c.......P...1...c...0...c...0...`.......3...p.......A...........c.......3...p...`...3...p...............0...................s...p...`...s...p........... ...Q.......................S...................#...3.......3.......C...............................S...............3.......s...................#...3...@...3...P...3...`...3...p...............................................................................`...............`...............`...............`...................................s.......s.......3...........0...s.......

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\DefaultFileDialog.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):21837
                                                                                                                                                                                                    Entropy (8bit):3.89069196383034
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:iGCRB55UnGfnUeSO4tIXRAXsMOv6REflHEG:iGKKOPMITb
                                                                                                                                                                                                    MD5:D8C075B1466A5DBC163AAF306C8B9C8F
                                                                                                                                                                                                    SHA1:0BE13D591DAF52EF34D22C9375DBF484FAC2415F
                                                                                                                                                                                                    SHA-256:7562DDFB2AC626A253FA3987FCED5DF7AD7E21CE61EAAF102F005CC586FE6BBD
                                                                                                                                                                                                    SHA-512:37A2428C3E7A91CB2626A633447DB586A89D3E35722711B9CE3F2A60634AECE37C0409C965B0E77D31F94B5BE563BB72F94C2D684129BA8597E28908D52A9504
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Dialogs module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in t

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\DefaultFileDialog.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):49208
                                                                                                                                                                                                    Entropy (8bit):3.193797144456919
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:SGf3i3bCu8H/qtbhkrb8/WRDSGFOxH7fshFzLUCwSXAwBDvVqboQfgwm:ffirCSbkcWRDSAO4FzlXZzaoEm
                                                                                                                                                                                                    MD5:B523699410DCAA64B442E12380DC8030
                                                                                                                                                                                                    SHA1:0B90DA7994FCA1B34BF53504BA10C2FA299C4528
                                                                                                                                                                                                    SHA-256:017FB628674A5933EEC53CFA0399977B0818E93AFD07A446CE221B279B3F0E6E
                                                                                                                                                                                                    SHA-512:F7A24F021FE43B866AC601136B58CADD9A2CC290A575985CDB2321AA3A67137AAC107AB083CBF0491F1E699AFA9D942DD3ACE7442A52177B8C357EAB347894CB
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............8...........................................................e~3.hr.................#...T....A..{...................................D............................... ..................................................................H.......................p...................X...........`.......0...............X...........X...H...........@...........0...........8.......P...........p...........p.......0........... ... ..X!...!...!..H"..."...#..`#...#...$..x$...$...%..h%...%..p&...&...'..((...(...(..@)...*..h*...*...+..P+...,...,..(-..8.......8/.../...0..`0...0...1..p1...1...2..h2...2..03...3...4..X4...4...5..h5...5...6..P6...6...6...7..@8...8...8..H9...9...9..0:...:...:...;...;...;..8<...<...=...=..8>...>...@.. @..8@..H@..X@..h@..x@...@...@...@...@...@...@...@...@...A...A..(A..8A..HA..XA..hA..xA...A..............................Q................................... ........... ...1...............@...P.......a.......@...P...............@...P.......................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\DefaultFontDialog.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):18789
                                                                                                                                                                                                    Entropy (8bit):3.9546487780736306
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:KacGtM5QUU83tyUWheQ3dlbb6zW9e86ewxu2Gy:iGtMQUR3tyUA3bbb6ic8G1
                                                                                                                                                                                                    MD5:75F348472EE20DE837256420D3F05A8E
                                                                                                                                                                                                    SHA1:4D492C74E8E5CFA2500121E9644872C459D19495
                                                                                                                                                                                                    SHA-256:47E4E8472C71959A1CC12FB0857290E655AC901C68D209024A80012555F0C7D8
                                                                                                                                                                                                    SHA-512:64B6E0CE233359E654E3E707B4B2E7125F3719649F17E107E66C5B56C216A63FBA10B3259D5741F05600B8F9DD9CCF9688B8A719D2D17F559551604458AE6516
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Dialogs module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in t

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\DefaultFontDialog.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):38616
                                                                                                                                                                                                    Entropy (8bit):3.1481148369410814
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:EEYKPGZHZBEgL3SR4yCXiyH8KwXR0fjZpJ9TVeRgzkIus54w/97q:EzKP0LC+yCXiDR0fjZpJpVUIusf7q
                                                                                                                                                                                                    MD5:1B245DD1652EF3C2F94E74F82F17A2CD
                                                                                                                                                                                                    SHA1:66692A6CA21900A53E0761651872E6977AB6D5B1
                                                                                                                                                                                                    SHA-256:B1BB10E14015D9722D144061336D4387BCAFC5E52E11555A5EBFD1583144AE6C
                                                                                                                                                                                                    SHA-512:8EAD945EE8AC566AD056C0E42A8F5E12CADCC78B9021237972F60CBA33DFD1E7B936131A4EAE1AA49E52075DE8911842AD74307F4760111133C5D0722EC1FD35
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)..................................................................!.A.Q.'.`L.....................#.......X2..O...........4.......4.......4....................... .......p...............................................................`g..............P...............P...................`...........p.......h...........H........... ...x...(.......p.......X...(...........@...........`...........P...........@...........p ... ..h!..H#...#...$...%..p%...&..`&...&...'..X'...'..((...(...(..p)...)..@*...*...+...+...+..P,...,...-..P-...-...-..`..../.../..P0...0...0...0...0...1...1..(1..81..H1..X1..h1..x1...1...1...1...1...1...1...1...1...2...2..(2..82..H2..................#...0.......0...............................#...0.......P...............#...@...S...........................................................C.......c...............................................................S.......S.......S.......S... .......3...............p...C...............p.......p...#...........#...........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\DefaultMessageDialog.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):12934
                                                                                                                                                                                                    Entropy (8bit):4.097455940794716
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:iGReV5+MQbirxkSVx7oEk/Wb7Ri37lwbuUvr/c18/S7:iGWBeZ8/w
                                                                                                                                                                                                    MD5:B0E29EE869FC72FDF86F89E0B0E9B621
                                                                                                                                                                                                    SHA1:97A79B3E5C3343894B1107B72773E0435C2459B4
                                                                                                                                                                                                    SHA-256:CAAA34C2AADF32D0EBBAACF17744C5797B79D4D377321F88139B3F13A14AB61C
                                                                                                                                                                                                    SHA-512:849B344E4B9D17D324DC79CFD62387A08FD147F7B76898B7949928631DB61A16307D97B8671AB7975962693D5EC1413D3D524928177C58AAC2AD795C8AD09A2D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Dialogs module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in t

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\DefaultMessageDialog.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):31056
                                                                                                                                                                                                    Entropy (8bit):3.1085953932547663
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:LCtt/zrjwg2LT1qAnNMlbiptBqDbeD+Vn+W/P9niX6ecHx7X:0t/zfwgIZqbicDSDOPpNNBX
                                                                                                                                                                                                    MD5:80A7400C2EC32AA1CA462A15B764C5D9
                                                                                                                                                                                                    SHA1:EFA1A7B0DBB3CA7FDE3CD852F9BC633089FA8D2F
                                                                                                                                                                                                    SHA-256:8AF5127A5024AE3BA0109F937F706DE25AD46944637BE59D6921D46021B9404E
                                                                                                                                                                                                    SHA-512:E98D07CAB7AD2FE15662E4012F7ED897D9E03150CCABF7FFA052E4BCB118E7F461FCF8E41B9412DEA5F09AD767DD2B5A4E2DCB8403855C8AFECEB8D27889E969
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............Py.....................................................l...0.i....................#.......0/..`...........x.......x.......x...e...........l.......p.......................................................................0Z..............`.......8........... ...........(...p...........x...........P...........8...............X...........P...........@...........@...........X.......(...........X.......(...........h.......8...........h.......8...........x.......H ... ...!..x!...!..H"..."...#...#...#..X$...$..0%...%...%..X&...&...'..X'...'...'..H(...(...(..8)...)...).. *..p*...*...+..x+...+..8,...,...-..X-...-...-...-...-...-.......... ...0...@...P...`...p..................................../.../.. /......@...P.......@...P...c.......@...0...p...........................................................c...........c.......0.......p...............3...Q............................................... .......0.......@.......P...S...`...S...p....................... ...........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\Private\dialogsprivateplugin.dll

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):52720
                                                                                                                                                                                                    Entropy (8bit):5.937095636932423
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:dBX2hbPgvssanNBA4lUxNSpZ/ZdDGmLUf2h/:wDKRanNBA4lUxNo/ZbUfW
                                                                                                                                                                                                    MD5:DE05A20CDD9E1ED8C0FCCC8A0737FE1C
                                                                                                                                                                                                    SHA1:56F0687B132BBDE9FD9AD1CE11F4F85E7385DD7D
                                                                                                                                                                                                    SHA-256:ABCEAB15BEBE79BD6E53B2DCE71190BEF7C0EAA0BB9B575ED6EEF15EBA9B417A
                                                                                                                                                                                                    SHA-512:30F70E65866A5B9572684D5548FEB907B1C376AA0DB30D1FFDAE24250BDED0DFFC7FCAA6827320F892225DDF230968651C925AC24864473FC3CC9E67D803B40F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3^.w?..w?..w?..~G..q?..P..u?..cT..u?..P..f?..P..p?..P..u?...O..p?..w?...?...O..r?...O..v?...Ox.v?...O..v?..Richw?..................PE..d...L.._.........." .....J...f.......P....................................................`.................................................$...........`.......................<...xv..T....................x..(....v..0............`..0............................text...+H.......J.................. ..`.rdata...M...`...N...N..............@..@.data...............................@....pdata..............................@..@.qtmetad}...........................@..P.rsrc...`...........................@..@.reloc..<...........................@..B................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\Private\plugins.qmltypes

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):12562
                                                                                                                                                                                                    Entropy (8bit):4.0547557110118335
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:I8VFmGH8iSSoesW6kDFLN7rgJO4jybtuYR1pbbQDU1N1l1r1nL1DaHfI85I3P8v+:5ciSSts8XTKQfX5nZ35pkx0v
                                                                                                                                                                                                    MD5:01A98548921015519F9BF96AFC6CA3F2
                                                                                                                                                                                                    SHA1:7010F0A761839F0396B184A407F064A24E034CEF
                                                                                                                                                                                                    SHA-256:9F2748312B462C9BD61A1638B91D2F0E36AF088DA06C55DE385D216299325892
                                                                                                                                                                                                    SHA-512:62C11064E927370B42D6758DBCDF42446C7116638941EE6FA7CB5CCCAAE1DC06C5266D3F135C8669E59F4D732C7C5373241D3FC7E37ADCDE0519EC05701113D5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:import QtQuick.tooling 1.2....// This file describes the plugin-supplied types contained in the library...// It is used for QML tooling purposes only...//..// This file was auto-generated by:..// 'qmlplugindump -nonrelocatable QtQuick.Dialogs.Private 1.1'....Module {.. dependencies: ["QtQuick 2.0"].. Component {.. name: "QAbstractItemModel".. prototype: "QObject".. Enum {.. name: "LayoutChangeHint".. values: {.. "NoLayoutChangeHint": 0,.. "VerticalSortHint": 1,.. "HorizontalSortHint": 2.. }.. }.. Enum {.. name: "CheckIndexOption".. values: {.. "NoOption": 0,.. "IndexIsValid": 1,.. "DoNotUseParent": 2,.. "ParentIsInvalid": 4.. }.. }.. Signal {.. name: "dataChanged".. Parameter { name: "topLeft"; type: "QModelIndex" }.. Parameter { n

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\Private\qmldir

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):128
                                                                                                                                                                                                    Entropy (8bit):4.541086444900037
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:3BVa60XzeBz3hVhvyWmopYPJoXhhy+RLV06qWov:xVa60DeR3hV58oOP2X6+key
                                                                                                                                                                                                    MD5:D859E992832670DFFA54EBC48137C3E0
                                                                                                                                                                                                    SHA1:9A36E7C010533552F9BBD537337B9EFE605D0B4B
                                                                                                                                                                                                    SHA-256:328CE7281FF10EF0D90A753A716912656D3F97476624A584A8B50847127FA00D
                                                                                                                                                                                                    SHA-512:7E92DFFB3E83DA37DE50CBF6C3E808EFFEFF1E49509EE68C7D2EF9B8094C025BBEA5CB1E023B0EEA8B406BE3617BFA3346CC022E6027D93207AF9D84E52FF849
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:module QtQuick.Dialogs.Private..plugin dialogsprivateplugin..classname QtQuick2DialogsPrivatePlugin..typeinfo plugins.qmltypes..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\WidgetColorDialog.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2046
                                                                                                                                                                                                    Entropy (8bit):4.839194226499755
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:MLkMCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfy9N9j:MLZO6E+iCshVKzlOWGf0hEVufy9nj
                                                                                                                                                                                                    MD5:B6D6A211D4018E1871A28DA308C0A264
                                                                                                                                                                                                    SHA1:8EE3F896DD57F62D9CBB01B6BFB5DDB59ADA2ADF
                                                                                                                                                                                                    SHA-256:69A65B64D70B2328258AA1A35B52E1FC4D7A4FFBC2B458BC8CA48DD5BBB28C8F
                                                                                                                                                                                                    SHA-512:A52F8ED39092E8B50923A68DFBD5B8CFD790EAE607575B0B10FE3DEE7E097FDBEBD92FA8D3923F6614FD7CE71DCDFA6F9EED5179DC5F4FF69E99B6A8CC3C20FA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Dialogs module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in t

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\WidgetColorDialog.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):628
                                                                                                                                                                                                    Entropy (8bit):2.1278914455157665
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:K1fcilXEEEEEEEla1UE61hmpKWxRKYGhBGt/a847zQlI+lXsls1S0cz+DD:0kGXEEEEEEEA1Ux1cjmCikDXEE1wU
                                                                                                                                                                                                    MD5:F4367B013AFF4A1445017C4594F16BA6
                                                                                                                                                                                                    SHA1:DCF49B1B1E8FBBFFA3E7AB76DF4994A7CB04E81E
                                                                                                                                                                                                    SHA-256:D6511C27A4ACCE5DA65F62C1D79222AD03A86DA0BC9F5889149E09984237EE22
                                                                                                                                                                                                    SHA-512:0204219C7DD1FD6CEFB5663BA901C22B482AD51D9AA67921A4DC9026ED4D8507DEB6937364DB47D596F1FF6C7157736621DC83DA9DCEC21B0D0F603327426216
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............t...........................................................rf..Frz.................#.......................................................................................................................................................0...X...............................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...P.r.i.v.a.t.e.W.i.d.g.e.t.s.............................Q.t.C.o.l.o.r.D.i.a.l.o.g...................@.......................(.......................)...D.......................T...T...T.......T...T.......T.......T...+.......T.......T...........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\WidgetFileDialog.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2045
                                                                                                                                                                                                    Entropy (8bit):4.838543971830859
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:MLkMCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfy9N9QWC:MLZO6E+iCshVKzlOWGf0hEVufy9nQf
                                                                                                                                                                                                    MD5:9AE11A1E4DD9A3D282AD5BD773CFE0CD
                                                                                                                                                                                                    SHA1:D08399E72B6CAD3634D15C9C3371F3B61112EA60
                                                                                                                                                                                                    SHA-256:275DD745DE7DFBA2CFE20513C72F91DBBCF3A9E79A7C5C5826DDE116407F831C
                                                                                                                                                                                                    SHA-512:4F20EE351C799972FA48DC0FF33B54AC56B51DE7232A14F50D8C3F20A698EC9C7822CDE95C4EC27A574028FEEE40308FB6FA7AA421485ADB0BFCA217E2ED51D9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Dialogs module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in t

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\WidgetFileDialog.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):628
                                                                                                                                                                                                    Entropy (8bit):2.120223384798184
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:K19yilXEEEEEEEla1UE61hmpKWxRKYGhBGt/a85MkrMLmlXsls1S0cz+DD:09yGXEEEEEEEA1Ux1cjmCl7BXEE1wU
                                                                                                                                                                                                    MD5:E456F1CD59AE7EDEBD8507716C2A3186
                                                                                                                                                                                                    SHA1:4C6429F5A69212B8B1059EF454D6897B5012F779
                                                                                                                                                                                                    SHA-256:B48A48F583BF21B52969E078CBE822C125E3F7C5E7E5596A44785A63B9581A0A
                                                                                                                                                                                                    SHA-512:A26BB54F5FED4120F5D869337617B11C50A16BE362078DA7A7BD6F7FB4043F95AA7582171758AEBEC9AC1D1B805E6A45B081F3855881BEF925C1E6FB54DCFBB0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............t.....................................................d3.FK,4jM.C..................#.......................................................................................................................................................0...X...............................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...P.r.i.v.a.t.e.W.i.d.g.e.t.s.............................Q.t.F.i.l.e.D.i.a.l.o.g.....................@.......................(.......................)...D.......................T...T...T.......T...T.......T.......T...+.......T.......T...........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\WidgetFontDialog.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2045
                                                                                                                                                                                                    Entropy (8bit):4.839477066158387
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:MLkMCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfy9N9u:MLZO6E+iCshVKzlOWGf0hEVufy9nu
                                                                                                                                                                                                    MD5:A87880CA314C1F7E637390F555D93CDE
                                                                                                                                                                                                    SHA1:691774B5B2179CC0B31D976EEC8EFF37166A2D23
                                                                                                                                                                                                    SHA-256:DC36D5A4E713A5CEED8E877CB16D30272953E736C99FBF933075220281E3A2EE
                                                                                                                                                                                                    SHA-512:DEE0DFBFBEB7D1F43E7FE5AA7C7EEED019FE96D9D885D2C89C19025878D6213B3C95953922130CF877B7B6BE5962A9867B6B659FDC4328F5B0ABBD4DCFEFB7E3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Dialogs module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in t

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\WidgetFontDialog.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):628
                                                                                                                                                                                                    Entropy (8bit):2.1187595200086866
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:0ugxGXEEEEEEEA1Ux1cjmClRRDB4XEEhU:0ukGpyumMDB40+U
                                                                                                                                                                                                    MD5:BA2F8DDDE04DDFAD88D25294FF0CA8AE
                                                                                                                                                                                                    SHA1:45B3971F2260E54AC697814A492C284DD6F01D66
                                                                                                                                                                                                    SHA-256:DA341346431475B510FCAC1268E59F508EE7A2A6696E61AD52551628C1D99942
                                                                                                                                                                                                    SHA-512:45E73E7466F525BF550528BC58331D95D546B8EC4431B2CFEDBEC2587853C76C22A507ADDDB2D8E39D4698889A488474BC1454E8BC7F83F1BE8DB9A04A5D4A3F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............t...................................................R"uR..<.!.!..^.................#.......................................................................................................................................................0...X...............................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...P.r.i.v.a.t.e.W.i.d.g.e.t.s.............................Q.t.F.o.n.t.D.i.a.l.o.g.....................@.......................(.......................)...D.......................T...T...T.......T...T.......T.......T...+.......T.......T...........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\WidgetMessageDialog.qml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2048
                                                                                                                                                                                                    Entropy (8bit):4.841495536435705
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:MLkMCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfy9N9Q:MLZO6E+iCshVKzlOWGf0hEVufy9nQ
                                                                                                                                                                                                    MD5:36FB0F29228ABACA2E0F0BF72EC62823
                                                                                                                                                                                                    SHA1:FB1C98BA0DBC9D5B9B1D2CC3F947DDE5212CDA73
                                                                                                                                                                                                    SHA-256:DC91A4E687696C4AA83E5A1D6E05BFDE8F3FAE8338691982E42F3282AF9A1E6E
                                                                                                                                                                                                    SHA-512:747B56D7CE4281E25543C6D8705558FF0B3935CE9301FDD00998293B0761FB432143D4040BE97EF0BE15ED8F01045B176F9D08A72AD85B487E834F118122FE75
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Dialogs module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in t

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\WidgetMessageDialog.qmlc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):628
                                                                                                                                                                                                    Entropy (8bit):2.141656361019161
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:05K1cGXEEEEEEEA1Ux1cjmC2OD3gkXEEhU:0QcGpyumtEz0+U
                                                                                                                                                                                                    MD5:F640BA6DBE4152503A3BB40C49759036
                                                                                                                                                                                                    SHA1:0A8058DCDAF59E742797B3CDB97C1CEE0B252ADA
                                                                                                                                                                                                    SHA-256:3D6CC8CB4DEFF3467230D7047E21E23844DC0280CBFBFBCBBD7918603611E2E6
                                                                                                                                                                                                    SHA-512:11C09416C2FFAEC056AD64AAEE2C510DA6BBA93F7B402EE6BC17736EBC8C31B9210ECC03480B4550776B054E76DBDFBEDACDF34B200C7C6B410CCC0E24F86C39
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:qv4cdata)...............t....................................................+.2Uv*.'.gZ_...................#.......................................................................................................................................................0...X...............................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...P.r.i.v.a.t.e.W.i.d.g.e.t.s.............................Q.t.M.e.s.s.a.g.e.D.i.a.l.o.g...............@.......................(.......................)...D.......................T...T...T.......T...T.......T.......T...+.......T.......T...........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\dialogplugin.dll

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):141808
                                                                                                                                                                                                    Entropy (8bit):5.91354020244006
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3072:trGr0Ii8KHiE7nZrxlX9uVKTXft+3wmrLnyIv:trO5KJbd9GKTXft+Ay5v
                                                                                                                                                                                                    MD5:F6B0C744D24762818B0950D61FBE0C45
                                                                                                                                                                                                    SHA1:9560528BB2D338C2788510E1110E6A46B39A2211
                                                                                                                                                                                                    SHA-256:0C9EFDC3B001D629B3F140CF801755393F925DE13851A9727D1E157B8642E701
                                                                                                                                                                                                    SHA-512:C8B8FAC049CDA98D5DC5E1BE421A410DCC802CD5A9DFE72ECCF2398AE166BDBE2D51E8520B267B5B0F99CDC8CE84B80D484001E34719E197EEAAA377D75F77A7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......q.D;5.*h5.*h5.*h<..h1.*h..+i7.*h!.+i7.*h../i'.*h...i2.*h..)i7.*h..+i<.*h5.+hm.*h../i+.*h..*i4.*h...h4.*h..(i4.*hRich5.*h........................PE..d......_.........." ................,........................................`............`.........................................0...|............@..P.......0............P..T.......T.......................(...p...0............ ...............................text............................... ..`.rdata....... ......................@..@.data...............................@....pdata..0...........................@..@.qtmetadm....0......................@..P.rsrc...P....@......................@..@.reloc..T....P......................@..B........................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\images\checkers.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 12 x 12, 8-bit grayscale, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):80
                                                                                                                                                                                                    Entropy (8bit):4.8250725838538475
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:yionv//thPl/lEyAg+KjExt0Klds4M/2g1p:6v/lhPkpg+sEr0Kw9Vp
                                                                                                                                                                                                    MD5:0517A78A9D76782D9C5A0A256F696C42
                                                                                                                                                                                                    SHA1:A5C8AA81BEBAFD4C2432922768F83B17B890ABBA
                                                                                                                                                                                                    SHA-256:A9FAABAEE11FDCE6A16954F4B5ACFB8CCE82B956BDA8E36536E2FA2A5565833E
                                                                                                                                                                                                    SHA-512:F2DAB5776571D2A0E9AEDE01664B6191805AE484FD3016034BE1E0076BA4525EBEB769DD1D23BDF48D138D38433DA138C1C9D66465BE91CF4F9DC3CD837E0F38
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR.............s..;....IDAT.[cx......b....Q...:.I...M....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\images\checkmark.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):809
                                                                                                                                                                                                    Entropy (8bit):7.639303591497463
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:6v/7lCOYk1ciPxiqauOsLcf/BKdfTXuFUm3BbtbGaOal/5pRFwvckbtyYyuRer4m:zDDFW8JKdfTYnbGRaZdFwvcUdRryyKx
                                                                                                                                                                                                    MD5:EFE373D58B121955066445DE9442469A
                                                                                                                                                                                                    SHA1:114C6A870D9A9F821C067D6B217069FB1F57B100
                                                                                                                                                                                                    SHA-256:C64F5652492178D3E77C358C8169200A819BE50AE557DC5A9D71C1F77AA2EC7B
                                                                                                                                                                                                    SHA-512:C78A74A1603DF60E1F24DCD3A19044C0402CFB3C02B35DF0E53813193E0DDD672A7AD53FCC7591E1ED57A39DA80704F70E853B2A3201F8FDFE6FAC7457417761
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...@...@......iq.....IDATx.._h.a..?.m1....Y+5.`h..7HJ.H))....R.(7.P..\XI[v%.b....(.N...p16.9.~?u...}...{....=..y...{..}^.....X...W.80....@w..9m.n...d.v..x.p1.....|5.Z.?.L.._........O......+.8).'.uV..8............k.!..!Pj.~*.#....V.~..?b).9....b......$D...s&.-......?..V........l.....|)pI....Y1@...7X._V.......Y1...>.!m....9V.g.}...Y..........[.....Ujrc......&K..E......R..`J!/..%..".^K...7...S..v.;.....{....g.k.....G.*..Z..;|./&8X.O3.w.. .?...%..,.=.c_...W.B......Y....AM^..8......m^..:'.u...W...g.k....h..zF6......'....;...$7;}.V...p.?ko...^`.O.X.`.a`~J...g....V.A.j.....eb.$\..<.7.$.....?......./...j.<..Q........g/.+O..LZ;.^.....R.....B...w....!.k........q...".'c..'......?.l&.*.^:..f.@.vyp..AP.....)F^..%..1....)......a.0.fr....&..'t:..........*G....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\images\copy.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1338
                                                                                                                                                                                                    Entropy (8bit):7.747124563344084
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:6lVM8MgSjOvbmMhbYy2bwlWsnPyP/dPgqk4ag90m2Tlk/Mo6C6sGZI5A1:6lyU+wD6wlWsatPgQvK1em1
                                                                                                                                                                                                    MD5:EB9DEAA140599B0AE5B6F17885BC4FEC
                                                                                                                                                                                                    SHA1:A48179DDCE06E34B40CCD002E8B57F6E6E43028B
                                                                                                                                                                                                    SHA-256:2F1115B9C1D70650B8459714A7C410A2629D1992A25E4AF9ECAAFA9CFA1254D7
                                                                                                                                                                                                    SHA-512:C90EEAD71CFC46EAB38DF0C380139E549EA64D6C320CFCBAC395AAC5DA905B35266742A751559176700FC54B73116085C93BF50891186E8D0C1CCAE6CACB8D4F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR... ... .....szz.....gAMA.....OX2....tEXtSoftware.Adobe ImageReadyq.e<....IDATX..]L[e..wo....I q.&.N..p.D.P....+.&J.'......l..9......@l.C. +..(.....J{..............*..<9o!...<.G.....F...LZ&a.j`...y.?]P...W.@0......2.'.X"s.yk.K.r..{......@......1).Ka%.D8.Bs.........y$..X....]....".K....M4uY....6..:..._..?V.EEU.*..........%...k.X........p.A....].......Z[[..U...T....195..9.&&PPP.!.o|.I....\...OA..C....j..PCf.....z.H....Dee5fg....f.t...@2-x..Q....p.F...S..~..E.'.a.A8..Pwu.LC#.5...q\.>,/.....z.c@}}.P2..F.f.............dn....:.~E"..+*0..@..mW.4.|S.5@f:......e....C.....cw...*w......e..y......Bgg'zzz8PIi.ni....o....g...%3.......@..(...cmm.........|...=@....A677.v.V.....U...G..;....%.$3O$.(+..........6Z..0...'.<=MI.J......=...0..|q.........P...zH....k....Wd...Sj..F..<..........f....d..(;d.H=.s...@ .eU..-..:c.}.i.v...]=.&...r..J*p.W.=..~.....g...@..D....qL..+++X__..'Y..t.PO...e..2.4...X..dNi)9.D.@....|[....O~u..q..q,.~.Nm.7....d,m72%..#..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\images\critical.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 32 x 32, 2-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):253
                                                                                                                                                                                                    Entropy (8bit):6.644105823239495
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:6v/lhP6rmoY0Xhvz23P4vC4IrRHUHThSJ8mlQBOkDwsup:6v/7yrnYch723P4vC4CRIQJ8UbN
                                                                                                                                                                                                    MD5:C0D25F09F63973E3E8D63929069E7BA4
                                                                                                                                                                                                    SHA1:AF6EEA179B40FEDF1BF38C863F2F0B11C63F4A8D
                                                                                                                                                                                                    SHA-256:11F9D1B451E5CB9A3C075387D56AED11AFDF5FF3ABC874B12221E695D5DF9C95
                                                                                                                                                                                                    SHA-512:3A6A05DEA9B818C5CE79586D5CE07DE4013020411D18A4F1AD5CEDD00AF0A57057F68ED22FDF5C592CCEBE7AE9E3FCE418097BC9BF6459672930D22F3F312B4C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR... ... ........g....PLTEe-g...........w.....tRNS.@..f....IDAT..].1..P.D.&...#X.)<.O.......aOi..G.%Y...v.........P....P....U.-..(|..H.j..)..].(.eHv.b.F....*VmP#....FlbH...}..s.'cL.l.Q...O...N{..[.#.....q..m...|..k\....N....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\images\crosshairs.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 17 x 17, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):876
                                                                                                                                                                                                    Entropy (8bit):7.601096840987649
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:6v/7yGiKZNdq4nks6YBPK3ZreNaXduKACDu0eHZdZodawndtKOXDg0sOQpKwgLe5:nGi2qw56sSpCKwHZbMGOMIwOeahW9N
                                                                                                                                                                                                    MD5:27D78295C7BE72DFC4F9902DB999FE12
                                                                                                                                                                                                    SHA1:E83D516E4ADC19963C35BC621C212ED23AFA320C
                                                                                                                                                                                                    SHA-256:30B4A6C95A606AD8E9649F55DC9AA1020637ACF850D204E31904B7144BF4969A
                                                                                                                                                                                                    SHA-512:0DCC78AAFA8F45A428A348DB5D0C19A9427CF966AB4F7D0F7B2A009B730C6B7E93844A6BDBF70D332AD6336E38154AE8F2FC4D0ADE2740BBD2E771A26E39B33C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR.............;mG.....bKGD..............pHYs.........._......tIME........6&.....IDAT8.TAh.H.........j.!..1.....,j..vK...$|.I...vw..n..r.A......"....Tl..d-.1.ZA!^C.....5.^.o...7.{...............ey.W._.p......!I&...=#5...]...R..;....Fc.1..aH.bq.....<.o.*~7.'.F.RJ..|.q6.]0M........B>..L).....M.R#K...t:.y.DU.eY...eY...E..&.t:F)}Ijd.+. .vJ.R,..NF.Q\.#.^__......t8....htR*.bA......;...j. .J....=...........e.....O.Rk.V...Y...1.~.<.a..i..,7......7....w.%..<..B..E.4M.4M;.E.s....$..e..K...'.~.._...Fob8..~.?.eY..u..r...x.....:.....G7.vww.v:.^.....qV..a8...,o.^.1..m.#.0UU.zE......Q.!t.8....j...m...ca.....W.U&.9..r...^lom.....b.RJ..H.)......^.."..A&.9.U|5c1....a...x1.H.u.n......B..m........x.h......W9.U..!..n.}A....zCQ...@Q..^.7.AXl..>Bh.f.gb...5Bh..l...I.4..@.4..O.fs.!......K.V.....y'.(J.....j...W. ......(.x....grBk..P%X....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\images\information.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 32 x 32, 4-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):254
                                                                                                                                                                                                    Entropy (8bit):6.547926800884188
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:6v/lhPLARehlh16BSVVCCVaWqsbfrXW2IK855/gt3tVp:6v/7gKhE0VVxaWjrXW225Yd7
                                                                                                                                                                                                    MD5:E63DA36F919735C308F3A549AB9DE849
                                                                                                                                                                                                    SHA1:D2E037B8FF7D52E8FEFD71334878FA68A083BA18
                                                                                                                                                                                                    SHA-256:84878E61F7605016611FBB49C07F1963C4823B41208162072FBCDA30963301B7
                                                                                                                                                                                                    SHA-512:6EF916C15958E7CDEDA1C6FEDB314585B2C1608936763E6E85877D3E25B9F0D76BB9340BD06F6AD251A363653415EB2CD41611EB1D203D13B190492BF45E6C63
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR... ... ......Tg.....PLTEet-....................tRNS.@..f....IDAT(..... .DA^.(L`u.T..H...bl0E..}.x:;.9...8...Z...W. T..J..?.Y...r=.a.2;hI.xK.a.S.TpY...(._.}.....hEK .`...I...C..k.t.w..JI.J.U...e....UQ....S..y.q..; ....M..{.R....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\images\question.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 32 x 32, 4-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):257
                                                                                                                                                                                                    Entropy (8bit):6.415365056752292
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:6v/lhPLARehlhx/ATmN3CexVXDfiJasfw6yvwM8p:6v/7gKhxR3HzfiJ3ov3u
                                                                                                                                                                                                    MD5:FC9C3BEA26774AC81478D5A102D2309C
                                                                                                                                                                                                    SHA1:475360264E44712708F262EFC5BA0173FC5B2A58
                                                                                                                                                                                                    SHA-256:98E8DD83FAC047B42FB3DE69F2733B87697CA8A33F54AE12E65D2D88867EF80A
                                                                                                                                                                                                    SHA-512:8EDEE937294990F49F1CE82A5F6A6CFE33594935991A0500B895389C4F78B45AD5E9B30B10FE045294DD2B9FFBBBBF47252E8EB8C33D92F69135ECDF2AB2549B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR... ... ......Tg.....PLTEet-....................tRNS.@..f....IDAT(.....!.DgE.A..D.D.....k................xK.p..5H.(..'hK.9K.k...\\.4..p`.9A..<.gL0".8A9...M.~..._..7.k...6b....I`(K......!&I-.S..%#.C0...I....N.t.....B._..NK...d....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\images\slider_handle.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 33 x 35, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1551
                                                                                                                                                                                                    Entropy (8bit):7.792886790544157
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:ML/6UyaupoFkgoKOldzUIWx4HYAqmTq5Y0x7y/QDA9bJt+COW04/zPwNOh0dFakX:0/6UyBpoWtKOlnHHY7iKzy+CfMNOSQkX
                                                                                                                                                                                                    MD5:2FEDE459808D27D66E72CC141C247775
                                                                                                                                                                                                    SHA1:FE82356C019458249747C1FD9BA2635A8F697FCF
                                                                                                                                                                                                    SHA-256:8FA5D483D83FE4A9320D524A5396C6C4DF80F48E553B0FDF344B36576236ACDF
                                                                                                                                                                                                    SHA-512:EEDA47AB421CBC535BD30B374D6057BB8B5B2972B5A4564555E301DCD0400A34F99A988E828075BFF0D1198F22F7A47E5620B93B3053A8478E7A4D1DF08AA241
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...!...#......,cd....pHYs.................IDATX..oH.e......e.a....rB,....b!.".Le.Dc...`$.......B...F.,D4.1X0(."..Q.65.?.z...}?..............;.y..>....%..o.).......Q...4..h-....8.$..c........xS...........vuu.v........KJJ.K.^]]._\\.........J......[.y,..`.......#G.UTT.....`..Dz....DB....w..t../4/*^..K..d. |...Uz...o....Z[[.j..<8..VTT........;;;.......x5... ...G..|...Z}e,.s.w......:.....h4~...w._...f.., 9A8O.G...}............QP..\...C...E. K'O.l... "..5.....`.%......<..lnn:.8&......0...r...gwoo.....Pf.V~."..........q..L.8...9....Q[[...g..`.8..Q7....../~*.aBj+5.A.*B.1...u..S.....D......vbj..lwMM.......X...9...)w".3T]]....bfffNB.|..H..'."r..............A....s).p8.utt..h7~.n..E...477.IP(F..5..2Y..!s ..n.Um."q...N)3.|.(....E ..V.tBM 7..3....]ZZ..)B,v.3AH...'7.f..LB......7y.M.@.(.......VfDTl5V|6N.-...t........C..d.|.."......A....1dN..(..sZ.@.......n.E........n..W..;..i.. .....6...D......i\...L.Hp.....N.....a..I..F.o@L.V.KLNNN-,,.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\images\sunken_frame.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 74 x 61, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):623
                                                                                                                                                                                                    Entropy (8bit):7.202049687689328
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:6v/7r5/6TFvNygZYD0yL0iRkl+V3tz1VNRJGhxNxNxNxNxNxNxNxNxNxNxadSQgu:e5/6rygZYDp0iRkl+9tz1VjJGhbbbbb2
                                                                                                                                                                                                    MD5:CA1794DACDF01801CE397608EF365155
                                                                                                                                                                                                    SHA1:C126DF19665BEB8F98FE19566611A39CD261A50C
                                                                                                                                                                                                    SHA-256:B4E6F75A256A8153AC362824A8B7DAA29C77008D812C78DDFA48F916A26C9F60
                                                                                                                                                                                                    SHA-512:9BEFA015DB39E33DF451F5FC0A2EFDE2B231398FC7AA1D9B5136A0736027B4D00DF352DEDA603F679B0296EB675937202035EF2850B50CE28D079966910CA55C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR...J...=.............pHYs................!IDATx...=N.@.....F..h".+..9.. 7.7..^tIC...X.?...(...J.+.P.c...q..f..m...!$Ir..t.d.4MC...,....p8<.u.j/..e3.`....?..*S;....v.^?F.,.!..O.o...b....7.`e6K..s..O.*...7.............P.%."........W....Q.....X...t.........p..|..>..8.6az..+...._......l.3..v....u.dv..'Vi..x.1E..PL.{&6.;.s..b.,#(A..dL...)@..(A..dL...)@..(A..dL...)@..(A..dL...)@..(A..dL...)@..(A..dL...)@..(A..dL...)@..(A..dL...)@..(A..dL...)@..(A..dL...)@..(A..dL...)@...@.a...=...%..[e'(...k.........8fW(.].Vw.....K.......p.p(.b..k..n..|..~{.I...i.:2...Qc.a.}...B.4.?o.}p.Yo.....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\images\warning.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 32 x 32, 2-bit colormap, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):224
                                                                                                                                                                                                    Entropy (8bit):6.463068668189326
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:6v/lhP6suFh2DkA1u9mqw3WTKwyLJ8a0a2vro1X2up:6v/7yhFh2DpuYqw3qKzLJnI81X2c
                                                                                                                                                                                                    MD5:BC3BDEA5EF8793CF2437F69181BB01F5
                                                                                                                                                                                                    SHA1:7F37DBA2901F59D2976862C824A9068D02BAAF5C
                                                                                                                                                                                                    SHA-256:05408A124A293DF55CA5D3EB62F373C954075FC7EEF903C96F2559A9F3DBEED0
                                                                                                                                                                                                    SHA-512:82177628BAEC04A2D7FA320F5AE8BADC1525ABE8AF171D8BEA8439D390A5A931B66C9AF43349D3C1748A39BF691BDDAD7F3F29768829D986A08B9B767C9F2148
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR... ... ........g....PLTEe-g...............tRNS.@..f....IDAT..U....0..P.2....%...K.QzD.'....S...iQ..O..e.........=..~.(.....-.0i.....(...(Z........ ....14u(a}.*..Q8.*..3W..<E......@"..N....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\qml\QtQuick\Dialogs\images\window_border.png

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PNG image data, 29 x 29, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):371
                                                                                                                                                                                                    Entropy (8bit):7.300004361961238
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:6v/lhP2/2sN2+Dp4Fs/RHWkx2Q1evgQdWrqALFb2ktDPYPK7I5mGL/CYIYA8QvEl:6v/7HsQ+FasJF2Wey7LF3DWK7I5jGYIG
                                                                                                                                                                                                    MD5:3C059400E675F24F62F21A735D6D86A8
                                                                                                                                                                                                    SHA1:A1C8A945389171C2872BA7CCA7ED25BDBB245134
                                                                                                                                                                                                    SHA-256:9B6B13CF306091BE1274C62D0DD54003935CDBE2AFDDFA23D71BE3360E44213A
                                                                                                                                                                                                    SHA-512:3903DD82D4C03886E4EB4B3931FAE04B211D309CE9E8ED4D9A3D49C9B66AEC432C16834C387F4E84402E9297835FBE50B47BB3A182901BE9A214BD3331ADB82D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.PNG........IHDR....................:IDAT8....N.0....J. ..D......k4zKj.`..0..dc.].m.d..-I.N.".x..}..b..b%K.\|3.i.\A...C.y..[..r)...O-.P..u....N.!....HcKu^..l.J..C....0fMt..........\.9%.b...y,."...=.`.[(.Kc|...x..F:.R..&...M+.....a.]....P\^..Z.....M......>..t..-49Vp.5.\..;.....Av.jp~.\.#.a.\z...^e........k..)...xsr....D...p"........./...Mb5p.....IEND.B`.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtconnectivity_ca.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):51887
                                                                                                                                                                                                    Entropy (8bit):4.580441331278817
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:7694xRjL5XLLSwjJlnA4q6y5lS0CCqjcS3xhrnFa7Jh62F8sbdZX0IgkOdHZObVp:7E4wgnA4aufpjzdkgKR9nAIoq
                                                                                                                                                                                                    MD5:70CA95DF607C296DD2C860462CD005D5
                                                                                                                                                                                                    SHA1:86779204E9294D22517984E4BA2B1C3C073FB6A8
                                                                                                                                                                                                    SHA-256:56FAE950ECF0A5469AD394DBD7A9E20214CFFA878604DEF6ABEC50C1C969C244
                                                                                                                                                                                                    SHA-512:1A6207549AE9E1A91A04A306F940E516E190A1FCD4E10CC168AEFB165E42110D7CEA2C00A14A45623AD6A4BFF9B69A8617EF8AD792EFA19C230E2111392D101A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......caB...@..G........t..D....t..E:......./...D...#...T..0.. .u..\..)I3...].9.....G.>.....6.OQ...Ln.c......id......xO...&..z....!..{.....L..........K...m.......u......#..9...5t......<.......gB...)..r..$J...1..&E......&E...>i.&E......(B......-x......5."..!a.7.4..(..9#~..2..A.U..C..L.....i.T.4..<..c.d.....c.......ryd.....r}......s.......}.9..sb..+r......8...5...{e..7f..pS..#................<.!o......5a...^..7....J..D..../..MT...B..R.....P.Z1......d*...V..e.E..%A.s.u..x..wg...a}.}.4...........?......1......[n..|...:....u......q%..(X...d.._-.....[......./-..&...R....5..p.......R....5.............#q....{.4+......7....K..7.#.....8|E..rz.L.7..i=.u.e..&..voE.....w.<..3...k....R...t......n~......e...n.../,..]..........]...6T..Et..*...`l..$...#...v.......k....3..H...#D..........+...w).....%T......7.D.....7.D..cq.K.....H.R.'..m..T.....).d.$...G.i;....9.l.P..y..v)... ...&....9..1D..Qj..a...Q...........b......W..Vz.....eh..J...K...E..Y.......\B...W..F....t..`...OC...x....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtconnectivity_da.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):45569
                                                                                                                                                                                                    Entropy (8bit):4.712861199972688
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:XcC5ouBIfMKJxbaHubKd+Z0rMbwDErVDu/sng5k089beqyjUkCZODuvD9auc3xbd:Xc84v7LDSv/s6yBeC+MvNK5LFaGSi
                                                                                                                                                                                                    MD5:65351255B6896A5059FEB8FC89DD96DD
                                                                                                                                                                                                    SHA1:5B882AD5E576ECFECC6F18DE7834DB7B855CEC10
                                                                                                                                                                                                    SHA-256:A835768E11CD741C97E3AE73E3E5B98E552C0A23BAAF5364199B6242994DDD25
                                                                                                                                                                                                    SHA-512:D781422F5215B06D8AA6B41867399344A75268A312672CF1E68D49AAF0A0B5E613FD1E6DA15D363139B213D1809FEF26080C630A8F05DD186636FCF48C7D9ED7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......daB......G........t..;`...t..;........r...D...h...T..).. .u..P..)I3.....9....q..>....r..OQ...B..c....5.id......xO...!..z.....w.{.....w..........K..._.......f.........9....W......4.......Z....)..d..$J...+..&E......&E...62.&E....+.(B....s.-x......5.".....7.4..#..9#~..+..A.U..:..L.......T.4..4..c.d.....c.....Q.ryd...q.r}......s.....S.}.9..e...+r......8...-...{e..0...pS...H.................!o...s..5a...R=.7....@9.D....)].MT...9..R....q..Z1......d*...J..e.E.. ..s.u..j..wg...T..}.4..........w8.....{.......O...|...2....u..|...q%..#q...d..R......O9......(...&...Hd...5..b.......H....5...,.......a.#q......7....A..7.#.....8|E..d1.L.7..[..u.e..!..voE..}..w.<..,...k........t......n~...k..e...a$../,..Q^.........].../=..Et..$...`l.. u..#...h.......^/...3..>...#D..."......&k..w)...:.%T......7.D..p..7.D..V..K.....W.R.'.._X.T.....2.d.$.....i;......l.P..j~.v)....W..&...of..1D..F...a...F...........b......W..Ka.....XW..J...A3..E..M.......PK...W..=Y...t..S...OC..............&$

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtconnectivity_de.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):49383
                                                                                                                                                                                                    Entropy (8bit):4.645989602829709
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:2WMiQ27nnGTDha1s7sYHobQzdBEpAkhKNVxd9H+Cpy9H1bSeanHZasJVDdNL04rp:Bm+EzdTRdH+DBWpVN2OL1TQl0ASj9
                                                                                                                                                                                                    MD5:B22DFB48BA81D17F625E346E85D3AD82
                                                                                                                                                                                                    SHA1:FB1CF8263FAFC5A8DDCAD0363B23EA41486CF3FB
                                                                                                                                                                                                    SHA-256:0DB3C03AC09A7A5078D75FCED7EE8D1F5B1F2BE87821E5EF7347BD591F31ACDE
                                                                                                                                                                                                    SHA-512:BEB3299DF0A4F73B695B9945E217C014A30DBE70256D95810F56A3436F9E401958234374E75911098317B04EA5B0DF1647A982492F1E4F9697A89740ACE34822
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......deB...@..G........t..>....t..>............D.......T..+.. .u..T..)I3...+.9....v..>....w..OQ...E..c....<.id......xO...#v.z.....n.{.....V..........K...dV......k=........9...0.......6^......^d...)..iK.$J...-F.&E....1.&E...8i.&E....L.(B....~.-x......5.".....7.4..%..9#~..-..A.U..=..L.......T.4..7..c.d.....c.....r.ryd...Z.r}......s.......}.9..i...+r......8...08..{e..2D..pS.. ..................!o...x..5a...V..7....C<.D....+F.MT...<..R....u..Z1......d*...N[.e.E.."I.s.u..n..wg...X..}.4..........|=.............ST..|...5*...u......q%..%....d..V......R.......*...&...K....5..g.......Kd...5...U.........#q......4+......7....D..7.#...'.8|E..h..L.7..`I.u.e..#..voE.....w.<../...k........t...u..n~......e...e.../,..U'.........]...1d..Et..&|..`l..!...#...l.......b....3..A...#D..........(...w)..._.%T....5.7.D..ur.7.D..Z..K.....4.R.'..c..T.......d.$...a.i;......l.P..o..v)....n..&...s...1D..J>..a...I...........b......W..N......\...J...D(..E..QX......T....W..@^...t..Wf..OC...Z....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtconnectivity_en.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):16
                                                                                                                                                                                                    Entropy (8bit):4.0
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:j2wZC4n:CwZ
                                                                                                                                                                                                    MD5:BCEBCF42735C6849BDECBB77451021DD
                                                                                                                                                                                                    SHA1:4884FD9AF6890647B7AF1AEFA57F38CCA49AD899
                                                                                                                                                                                                    SHA-256:9959B510B15D18937848AD13007E30459D2E993C67E564BADBFC18F935695C85
                                                                                                                                                                                                    SHA-512:F951B511FFB1A6B94B1BCAE9DF26B41B2FF829560583D7C83E70279D1B5304BDE299B3679D863CAD6BB79D0BEDA524FC195B7F054ECF11D2090037526B451B78
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtconnectivity_es.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):46591
                                                                                                                                                                                                    Entropy (8bit):4.564321972676103
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:INB/YqJ5tXJAKnPYapNiuwR63ECnsXCcWzuNBnYAITPQ1/yb5dRuR:c5yKHpNka1CZw5Lm
                                                                                                                                                                                                    MD5:DE8187285115A9D13C92B265E32B953F
                                                                                                                                                                                                    SHA1:F20D2BB597AC8EE9DCFDD74AE019F936971954EA
                                                                                                                                                                                                    SHA-256:85059995827BF473EE93380918712A671461FAFCBC62A8406A17A3EDFC4BA915
                                                                                                                                                                                                    SHA-512:5A5F9E878C0ED7E6399B578F70F4D42D0170A6662F1D247F17DB3F1539E227E3B0DCCBBBA0F0BF01C941401FE08DE023B9EFE67C73CA65F31DF720385C133B28
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......es_ESB...X..G....N...t..?....t..@............D.......T.., . .u..W..9....|..>....}..OQ...G..c....U.id....t.xO..."..z.....E.{................K...h.......o.........9...0.......7.......b....)..m..$J...-Y.&E......&E...9h.&E......(B....s.-x....L.5.".....7.4..$..9#~.....A.U..?I.L.......T.4..7..c.d...K.c.....y.ryd.....r}......}.9..nQ..+r......8...0q..{e..2...pS...........3.......T.!o....O.5a...Yk.7....E..D....+..MT...>..R....{..Z1....j.d*...Q..e.E..!b.s.u..s..wg...\\.}.4...h.......$.............Ve..|...5....u...k..q%..$]...d..Z......U.......*...&...NT...5..k.......M....5... .#q.... .7....G..8|E..mi.L.7..dJ.u.e.."/.voE...G.w.<../Q..k........t...D..e...j(../,..Xp......Q..]...1...Et..&...`l..!...#...q.......f....3..D ..#D...x......'...w).....%T......7.D..{..7.D..^P.K.......R.'..h*.T.......d.$.....l.P..t..v)....!..&...z...1D..L...a...Lp......P...b...b..W..Q......`9..J...Fu..E..T%......W9...W..BW...t..Z...........&$..Kv.&!......H=....;.V....N..XA...4..az......b.e..1=.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtconnectivity_hu.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):43428
                                                                                                                                                                                                    Entropy (8bit):4.777297711194391
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:Hcip3heSwTBUo/dztIwmn4DtC/wcYUptQHM56VbOKtexCNBCgmDiD5fmIOh2H:Hcip4SwTBNywmn4hC/wc9755YtexQSCl
                                                                                                                                                                                                    MD5:6F7441AAFBE9C672C55B6085C7DC2AE5
                                                                                                                                                                                                    SHA1:7E95D623FB55865D93260210DE610F4A02CCFB38
                                                                                                                                                                                                    SHA-256:5CDEFB869ED55751415A16D44528AB132E78FBF53F943BAD9BC84B27ACCA472A
                                                                                                                                                                                                    SHA-512:833AB3CA13F2211305CE590DBDFA15063AD304E5492E276F27AD605DCC07E066D20FA2B7DF06D7C4A2936D03B416226244D86011D7270A1EEDA6FFD6C569985C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......hu_HUB...X..G........t..:`...t..:............D.......T..'.. .u..QJ.9....sd.>....t/.OQ...A..c......id....:.xO......z.....s.{.............!..K...`o......g.........9...,c......2.......Z....)..ef.$J...)..&E....k.&E...4..&E....`.(B......-x......5.".....7.4..!..9#~..)..A.U..9..L.......T.4..3c.c.d.....c.......ryd...q.r}......}.9..e...+r......8...,...{e...[..pS...6.................!o...uq.5a...R..7....?C.D....'..MT...8..R....rm.Z1......d*...J..e.E.....s.u..k7.wg...U>.}.4..........x......}.......O...|...1....u..~...q%..!?...d..S".....O.......&x..&...G....5..c.......G....5...*.#q......7....@..8|E..e..L.7..\..u.e...c.voE.....w.<..*...k........t...Z..e...a.../,..Q.......3..]...-E..Et.."...`l...=..#...i(......^....3..=...#D...V......$...w).....%T......7.D..r..7.D..W..K.......R.'.._..T.......d.$...T.l.P..k..v)....Y..&...p...1D..F{..a...F...........b......W..K......X...J...@?..E..M.......P....W..<M...t..S........%..&$..E .&!......H=......V....H..XA...0..az......b.e..,..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtconnectivity_ko.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):37040
                                                                                                                                                                                                    Entropy (8bit):5.736197609490334
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:H4gj2Dby4aBn173HwD7h8KCBio+Oi85aD8ML06cU99ACVPV:HDjKaz0faKx2a8T6cUHA8
                                                                                                                                                                                                    MD5:38554D1DCDAF84C4BECBBB38938AAACC
                                                                                                                                                                                                    SHA1:D3E736C0FBADC2A6C20FEEC017671AB95284CECF
                                                                                                                                                                                                    SHA-256:CAB886251C9AE4147986BB2C4EBB6DDF76BABC5B8D6569BC13812613421030D9
                                                                                                                                                                                                    SHA-512:14712CBA1E7BA1CBD5A35D9A4CD88CC469F0F840C4DF8AB573DF642B76DA148B979708DF2764EF87FF193DCC869EF1E763202584F16B5DD2531E76E67F83090C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......koB...@..G........t.......t...............D..|1...T.. .. .u..?w.)I3..z-.9....Y..>....ZZ.OQ...3..c...k..id...i..xO......z.....V.{.....v......k...K...KD......P......o..9...#.......(B......F....)..O..$J...!..&E....M.&E...)..&E...p..(B......-x....U.5.".....7.4.....9#~..!..A.U..-..L....._.T.4..(..c.d.....c.......ryd.....r}....(.s....mb.}.9..Ov..+r..et..8...#...{e..%8..pS..................pp.!o...[\.5a...@..7....1..D.... H.MT...,..R....Y..Z1......d*...:..e.E.....s.u..Sv.wg...B..}.4..|.......]......aC......>L..|...'X...u..b@..q%.......d..A......=...........&...8w...5..M.......8(...5..e..........#q....=.4+....n.7....3&.7.#.....8|E..N..L.7..H_.u.e...,.voE..b..w.<.."...k...j....t..{...n~..v...e...LE../,..?......h,..]...$...Et......`l...H..#...Q.......J....3..0...#D..g...........w)..._.%T......7.D..X..7.D..D..K....h..R.'..J..T.....9.d.$.....i;...lM.l.P..S..v).......&...W...1D..7<..a...6......q&...b..x...W..:......E...J...2...E..<.......>....W../....t..A...OC..n.....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtconnectivity_pl.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):31377
                                                                                                                                                                                                    Entropy (8bit):4.774581815633691
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:k1Btop4jHZqPsftmNMB3/vNxN4RW6nB8PppCQGe8:CmmC4bBza
                                                                                                                                                                                                    MD5:C0224AE2DCF33290AEC840EB04A774A7
                                                                                                                                                                                                    SHA1:19AF6BF79DD782D00C100AD1AA2093E1AEC8B2C1
                                                                                                                                                                                                    SHA-256:64FEFDAEE792AE38FC069F07E339A3C2200C0B1887F9B785527BF3E4D3A6DFA6
                                                                                                                                                                                                    SHA-512:4B32710597A690C485AE959B9A51FA7FD6700954A1237760B0A2AB8EC475EEAEB1FE2B39CA960C48A8F4BBE72AA28912702A013963B979956B358029B1269C49
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......pl_PLB......G..............9....J..>....Jt.OQ...(..c...\,.id...Y..xO....#......[.......Az.......0......8....)..?..&E......&E... ..&E...aL.-x....-.}.9..@[..+r..T...8.......{e...#..............`..5a...2i.D.....s.Z1......s.u..D..wg...3......O.......0...|........u..P...q%.........0x..............-<...5..T.......r@.#q......7....'Z.7.#..p..8|E..?u.L.7..:m.u.e.....voE..Q...k...Z.../,..1......W...]....G..Et...E..`l......#...C ......<...#D..V...w).....%T......7.D..I..7.D..5..K....X..R.'..=..T.......d.$..q^.l.P..E&..&...HR..a...+......a....b..g...W..-...J...&.......1>...W..%...&$..+c.&!...^..H=..._*.XA......az...Q..b.e.....s$...C....2..%...v...G...A...M/..P...........Z6......O....%..Xf..1R..UK......b(......B.......A.......m..1....u.L.l..[(.hHY..K....<..]...-...!...(...h....$..0...9R..\...e...*..+....N..['...eZ.bz]...S.jud.......W..L.......)....D..........5...j"......i..@... w..(...4..b...E\..%z.....F.......b.. ....o..5.#..&..Dh...7..N....6|.POh..Sq.Y5...PJ.}.%..G..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtconnectivity_ru.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):49914
                                                                                                                                                                                                    Entropy (8bit):5.289068485521892
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:zweGuTIadBAnxchylgw3/3eBya8z3o5GNISIE/riAy:dGuTBdGDWEmB8RIHV
                                                                                                                                                                                                    MD5:FB3886461FCCBECC6F9165AE84986242
                                                                                                                                                                                                    SHA1:9CC478C37EA256E367B684DE7F25EDCAC8358828
                                                                                                                                                                                                    SHA-256:2A8DCCF95E0C81EF467DFD50856E3B38976CFBBA875BC64D98193B6C58DE0896
                                                                                                                                                                                                    SHA-512:EB1D2CD9EC175B3F01363BD3AC38A9BCAEAC73F2DFEEBE02C46D26D79298A21D14E66221568E051F7CF418A41B0B1A39C4D6FDEADD6A2AE2A5E61D5D8C7F0510
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......ruB...@..G........t..Ag...t..B......../...D.......T..... .u..Y..)I3...I.9....|..>....}..OQ...I..c....Z.id......xO...%..z....!$.{................K...i|......p.........9...3"......9p......c....)..n..$J.../..&E......&E...;..&E....Z.(B......-x......5.".. ..7.4..'..9#~..0`.A.U..@..L.......T.4..:$.c.d.....c.......ryd...>.r}....4.s.....V.}.9..o$..+r......8...2...{e..5...pS.."........K.........!o...~..5a...[:.7....F..D.......MT...?..R....|..Z1......d*...S=.e.E..$i.s.u..tH.wg...]..}.4...........S......?......XN..|...8D...u......q%..'....d..[......W.......-Q..&...PQ...5..l.......O....5...O.........#q......4+......7....H..7.#...?.8|E..n<.L.7..e..u.e..%..voE.....w.<..1...k........t...o..n~......e...j.../,..Z?.........]...3...Et..(...`l..$...#...rC......g....3..E=..#D..........*v..w).....%T......7.D..{|.7.D.._..K.......R.'..i..T.......d.$.....i;......l.P..t..v).......&...z-..1D..N^..a...M...........b...[..W..S......a...J...H ..E..V,......Y....W..Ct...t..\...OC........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtconnectivity_tr.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):45805
                                                                                                                                                                                                    Entropy (8bit):4.867005270170585
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:+119hirg5RgcagU46EEKmV1gSt6ZjynXybDDIPOvKqBXIFDCalbEgpu41IAsUz1l:+r9hi05RgPnm35vKTbpu41IfUzxBf
                                                                                                                                                                                                    MD5:7E426548AF63624789C22A4AC007B27D
                                                                                                                                                                                                    SHA1:66F5F8BF812D27A58BA4C427C71B47337E75519F
                                                                                                                                                                                                    SHA-256:0BB8CDCD2C0EF44871A983F138F9A46A25F0FCFF2750F81CBCFD243DBE8833AA
                                                                                                                                                                                                    SHA-512:0598516D41500B47C1703C02ABB1FAF4348192D43A381F893E8FA22DDD076FD11C631953648D863D2FD97593AF02231BFE5106693F70897029FA94872B0080FC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......tr_TRB...@..G....Q...t..:....t..;J...........D.......T..).. .u..PM.)I3...[.9....p..>....qj.OQ...A..c....(.id......xO...!..z.......{................K...^.......e_.....=..9...-.......3x......Y*...)..c_.$J...*..&E......&E...5q.&E....P.(B......-x....g.5."...O.7.4..#..9#~..+T.A.U..:P.L.......T.4..4..c.d...`.c.......ryd.....r}....X.s.......}.9..c...+r...H..8...-...{e../...pS...o.................!o...r..5a...Q..7....?l.D....)..MT...9U.R....o..Z1....).d*...J..e.E.. ..s.u..h..wg...T..}.4...o......u......z5......N...|...2L...u..{z..q%..#F...d..R......Np......({..&...G....5..a.......G2...5..~..........#q....S.4+....(.7....A..7.#.....8|E..c..L.7..Z..u.e..!p.voE..|H.w.<..,...k........t......n~......e..._.../,..P..........].......Et..$...`l.. l..#...f.......]6...3..>'..#D..........&$..w).....%T...._.7.D..oV.7.D..U..K.......R.'..^I.T.....a.d.$.....i;......l.P..i'.v).......&...n#..1D..F...a...E...........b...g..W..Jx.....W...J...@^..E..L.......O....W..<....t..R...OC...T.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtconnectivity_uk.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):42223
                                                                                                                                                                                                    Entropy (8bit):5.034808358439184
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:X6MrgTlBI56DonWt9TXOOVeuzrpXVzbB6EtXR2AmoxpG66jq2PC4a+mOOeQcg+MV:KUgTOWNjeu3yAm4A7PUdfPsN1onmGTNt
                                                                                                                                                                                                    MD5:3BB2B8E555D1FE0AA5824E5CB6667A17
                                                                                                                                                                                                    SHA1:F48D726951655809158C81B2B6812B6241260C4D
                                                                                                                                                                                                    SHA-256:8DF80026E7CD4B81C898ECA4834882BFB48558B6A55C2CB850061B8F1947CEF8
                                                                                                                                                                                                    SHA-512:2057519225698FD166274D8A5505F3FC078A5F642D2A8A7EF823E31CF199AED4348C8653DE17C0103B40DD72E8AF0F48E257D747290CB12751E2851E6E1B6C59
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......uk_UAB...`..G........t..8....t..9!.......J...D.......T..&.. .u..NV.9....od.>....p..OQ...?..c......id....n.xO......z.......{.....E..........K...]S......dN........9...+U......0.......W....)..b".$J...(%.&E....[.&E...2..&E....p.(B....=.-x......5."...t.7.4..!..9#~..(..A.U..8..L.....P.T.4..1..c.d.....c.....).ryd...e.r}......}.9..b...+r..~A..8...*...{e..-...pS...d.................!o...qi.5a...O..7....=S.D....&g.MT...7..R....n..Z1....t.d*...H..e.E.....s.u..g..wg...RZ.}.4..........t......y,......L...|.../....u..z[..q%.. ....d..P......Lw......%...&...E....5..`}......E=...5..}..#q......7....>..8|E..a..L.7..Y~.u.e.....voE..{..w.<..)...k........t......e...^.../,..N..........]...,1..Et..!...`l...e..#...e.......[....3..<...#D..........#c..w)...*.%T......7.D..n).7.D..T..K.......R.'..\..T.......d.$...u.l.P..g..v).......&...l...1D..D#..a...C...........b...@..W..H......U...J...>?..E..J.......M....W..:....t..P...........&$..B..&!....T.H=......V....F..XA......az...{l.b.e..+..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtdeclarative_bg.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):70152
                                                                                                                                                                                                    Entropy (8bit):5.090575148550578
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:8LWrCowUHUZxfV6Ro5nH4B+pRdfeASHygM5v9r0Hsd7AAIIr6KLivz:81B2sd7FIBVvz
                                                                                                                                                                                                    MD5:5723EEA8825E6F35814AFA377FDE5257
                                                                                                                                                                                                    SHA1:AAD3A85BA029D9128F58F6535F8519074B84ABA9
                                                                                                                                                                                                    SHA-256:FAC1AB26FE0DC23027A62B2A63144F831D1D91B83E3C6E1611130AE5D243062C
                                                                                                                                                                                                    SHA-512:3BAFA14F5496E3344E0B100D206689FDBF1939EB39498522B21083587829FA56C932761372F4F78B9FCCA6DF1DF5818D2F4ECFE6028943B7757599D3F7857F74
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......bgB...........S..Ht......!n.....vS...!..zd..D..(2....I.S{......T.n...].[=......^.....I.^,......t.>...w..........Md...(......j...d....n..........g...LQ.........Xt......1......................|...E........H...B..Zq.7"...!..H!E..;..XJA...*._.s..h..j.R.....u&......|)^..W.......?F..I2...j...4...w..#....@...Y..G..............TU......]....}..i@...}..u...x..>..........<D..e......Y..!g).....&Xd...../Xt.....BW...}l.F.R.....Y.C.....rN...........Rz...$......l.......bb...........r...>.......n.......T..."......F...*^.....................:Q....x.Nj...ox._3....;._3....+.}......._..............-E...s..-E...v..-E......L........a....$.>..I..&.....d.,n....&.C.......K....M..O.....A.V#......n.......n.....C..x~...:..&....;...$......Q.......V......._...q...t7..v...(.........c...<...~n..................Q....#..X....)......P...b......$.......'Z...y..;_......L.....(.S....0/.U5...H..X....\..z.2..Q0..Ji...........{...U..?....D......:...q...........................e..@k..=......=

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtdeclarative_da.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):69319
                                                                                                                                                                                                    Entropy (8bit):4.471427797872923
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:X4x+ORcpgZ9+3+uydCUWUNYQMf3kcY2jTKu118/tBMzmaNkRwK:XIdqpKXRNif3kSj2u118/3T
                                                                                                                                                                                                    MD5:F584B53E444B922FA0D43E4CA4612022
                                                                                                                                                                                                    SHA1:002B640A97D9619676B3133777C869B151DEE457
                                                                                                                                                                                                    SHA-256:F2A30B4B3A0AFE65AAFE52FE634F24DC6DA224D6206E01C0DE00FAE3F2F81DC3
                                                                                                                                                                                                    SHA-512:B3DA803337E03C810C18148645AE4727DDC215F74DB864C07110A1B728A0663778AAA9A09EAB8D52AA5942D3344B85BD87340804E6B06778409CBA3C08906D03
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......daB...P..........Ht......!n...)..vS......zd..Aa.(2......S{....!.T.n....W....p..[=....C.^.......^,...w..t.>...Q..........Md..........c...d.......................g...H_.........Xt......7......1......................|...A...........B..U..7"...!..H!E..9..XJA...?._.s..b..j.R...D.u&......|)^..R.......<U..I2.......4...f..#...|....Y..D~.............O.......W(...}..b....}..m...s.../..x..;.......J..<D.._u.....Tn.!g).....&Xd...../Xt...O.BW...u..Y.C...0.rN....]......M....$......l....P..bb.......)...%...........>.......n..{....T...c......B........Y..*^...........k.........:Q......Nj...h.._3......_3......}...........d6.._....p.......7..........-E.....-E.....-E...#..L....m.......@...a.....$.>..E..&.......,n......4.......C.....8.K....I..O....x'.V#...y..b_......n.......n.....o..x~......&........$......Q....^..V....P.._...j#..t7..o...(....V.....]...<...v...................Q.......X...........L...........b......$....w..'Z...r..6.......;_....7.L.......S.....B.U5...E(.z.2

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtdeclarative_de.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):74839
                                                                                                                                                                                                    Entropy (8bit):4.366362763172934
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:TyBhBK8bbIHRPzFdj5J0V3EgiM0SDa1R2Y/dTKtiR:arKcbIxPzFdj5J0V3EgiM0SD+RJdGMR
                                                                                                                                                                                                    MD5:CDA573C273C975FCD7B0818EEB53AFD8
                                                                                                                                                                                                    SHA1:52AA46B032F081F3F62962F2D6C86E5823562EC4
                                                                                                                                                                                                    SHA-256:8F7E3AA3436C87BCFF7113751E9A8576F2970755227929A024F2943AB4B4871E
                                                                                                                                                                                                    SHA-512:51ED1BF3163FA2ABD8367C4CF03B1FC4BAF1D53F06703641886AF56E32DF2C2BE059436082C8C4A6F8347D3F16A7C31007E122AC1199B8FAC3D936244A4589BD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......de_DEB..............Ht.....!n...O..zd..L..(2....'.S{.....W.....Y.[=......^.......^,....g.o2^..<!.t.>.............Md...t......p...d....T..........g...U.......O..Xt.....1.....................|...M[...........B.._..7"...(;.H!E..C..XJA....._.s..n..j.R.....u&...........F...I2......4......#....e.............b....}..o*...}..|...s...,..x..F2.........<D..k......_..!g).....%j......&Xd...../Xt.....BW......rN...........[....$......l..........."...bb.......)..............>.......n.......T...|......N...........*^..................A.:Q......Nj...u~._3......_3......}...........q..._...............-E......-E......-E......L........a.....$.>..RB.,n....f.C.....d.K....U..O.......V#......b_....r.n.....k.n.....p.{........x~......uu..\v..&........$......Q......V....B.._...x...&....m..t7..~D..(..........ij..<......................Q....b......YJ..........b......$.......'Z......6.....u.;_......S....6..U5...QS.z.2..Y...Ji...........Y...U..G&...D...+..:...wP.......j.......u.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtdeclarative_en.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):16
                                                                                                                                                                                                    Entropy (8bit):4.0
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:j2wZC4n:CwZ
                                                                                                                                                                                                    MD5:BCEBCF42735C6849BDECBB77451021DD
                                                                                                                                                                                                    SHA1:4884FD9AF6890647B7AF1AEFA57F38CCA49AD899
                                                                                                                                                                                                    SHA-256:9959B510B15D18937848AD13007E30459D2E993C67E564BADBFC18F935695C85
                                                                                                                                                                                                    SHA-512:F951B511FFB1A6B94B1BCAE9DF26B41B2FF829560583D7C83E70279D1B5304BDE299B3679D863CAD6BB79D0BEDA524FC195B7F054ECF11D2090037526B451B78
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtdeclarative_es.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):59875
                                                                                                                                                                                                    Entropy (8bit):4.378278425043744
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:DF1mGEmqUXbLf2/qP3PyZUu+Mv+3/tDZ2MHuApkmuVw4rTHAZONS:ZdEZUX32MvJ/NZ2MHkmuVL0
                                                                                                                                                                                                    MD5:6D3980152D9149280641945911DDB404
                                                                                                                                                                                                    SHA1:C0F3BB7C026815D0D6A6EAF8A4F5DBADEE42AA3C
                                                                                                                                                                                                    SHA-256:E21FBD29B7F7EEEE40E83E28DDCEC767E2CD5437184C86D9614A36D21D0A3896
                                                                                                                                                                                                    SHA-512:A85D5EA38BB90EEE25EB633F4C97EFDAA6D11C09EC84375CDD61DFA2C7CDD85AAEAA4D5AA53EE6526D4D07448AAE580BC071611A498876B6DC329942A42A55D8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......es_ESB..........t...Ht......!n...B..vS......zd..&X.(2......T.n.....[=...{..^.......^,...^/.t.>...........i..Md...f......K...d...|0......qM..g...-q.....k[..Xt...8..1..........~...........|...&............B..;7.H!E.....XJA... ._.s..I9.j.R.....u&......|)^..8....... ...I2.......4......#...d....Y..) ......5I......=b...}..I....}..U...x.. m.....}...<D..FY.....:n.!g)..vl.&Xd...../Xt...Y.BW...\..F.R....Y.C.....rN...........3P...$......l.......bb..x"......r....>..i....n..c>...T..........(...*^...F.................:Q....8.Nj...O.._3......_3......}...h..._...........H..-E......-E......-E...]..L........a.....$.>..*..&.....q.,n....r.C.....P.K.......O...._g.V#...a+.n.......n.....M..x~..n...&........$...l..Q.......V....P.._...Q...t7..V>..(..........Dt..<...]...........Q......X...........1Q..b....t.$....^..'Z...Y|.;_....s.L.......U5...)..z.2..1...Ji..wH.......F...U..!a...D......:...Q........]......z...........e..!...=......=...i..7..EK..PU...S..N....j..DD..>;.8....B..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtdeclarative_fi.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):65815
                                                                                                                                                                                                    Entropy (8bit):4.47627460642578
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:n5NOqB3OcFs0kSolyD3dtFnf0+whd7CAlBo1Ju4AIY6:n55H9HFnfEd7CAlw
                                                                                                                                                                                                    MD5:7AD1602253312EBE7246E68611013BE8
                                                                                                                                                                                                    SHA1:88C902EDF73E6D37DAEAD1818105DF0B311B1FED
                                                                                                                                                                                                    SHA-256:ECBDFE57CEACCD55344D0C81E3A23A437C7654CC3E7E9371030576107531062F
                                                                                                                                                                                                    SHA-512:A8ADEAB27BDA7D96E77877492F2CBBD8AC8612ECF05B34E9015B43FE48C268FA6755D0F1F269718EA7E91843E5C747603D03E25A56B8DA016491A188FAE0A41E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......fiB...0..........Ht......!n...-..vS.....zd..=..(2....0.S{.....T.n.....W....kA.[=....'.^.......^,...q..t.>..............Md..........`...d...............g...D......}...Xt...l..1...................t..|...>D...........B..Q<.7"......H!E..6/.XJA...a._.s..^b.j.R...n.u&..../.|)^..O.......8...I2.......4......#...w2...Y..@..............K.......S....}..^....}..iD..x..8w.........<D..[......P..!g).....&Xd...,./Xt.....BW...pP.F.R...W.Y.C...x.rN...........Ja...$......l.......bb.......)...........A...>..{....n..v....T..........?Q..........*^...................B.:Q....4.Nj...d.._3....N._3....-.}...zt......`..._...............-E...0..-E......-E...l..L............f...a.....$.>..Bd.&.......,n......4.......C.......K....Er.O....r..V#...tQ.b_....K.n......n........x~......&...._...$...8..Q.......V......._...e...t7..i...(....e.....Z#..<...q........H..........Q....'..X...........Hl..b......$....r%.'Z...mn.6.......;_....q.L.....@.S....+..U5...Aw.z.2..I...Ji...C.......b...U..9W...D

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtdeclarative_fr.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):61420
                                                                                                                                                                                                    Entropy (8bit):4.339517241259642
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:KiT9lgkVKKes08B/D7i72o1sGwYPtf7N51GFY2A:KBF4Xro1sStf7N5D
                                                                                                                                                                                                    MD5:A1921CC689F49BA78892C87E048278D6
                                                                                                                                                                                                    SHA1:8E3518040B4D65117DCA5E93026A5528656782BB
                                                                                                                                                                                                    SHA-256:DB1F16CD9D1BB55D3A957EFCB6B53930CBF7CC92C5A0C1D7A9E4FED5239ED24B
                                                                                                                                                                                                    SHA-512:EAE40A66F09D4C83320CEE721474DEAAD2143E78E109AD58B0BBAFA9E69BC95AEAF2AE67BE59454E75C10D9E647FF62B74E179566CA6B3D326AB791AA618CC2A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......fr_FRB..........{L..Ht......!n...C..vS......zd..*..(2....o.T.n.....[=....O.^.......^,...b..t.>..............Md..........O...d...........w...g...1......p...Xt...e..1....5......B..........|...*............B..>..H!E.....XJA...q._.s..M..j.R...P.u&......|)^..<:......#...I2.......4......#...i....Y..-9......8|......@....}..NI..x..#4......c..<D..JT.....=..!g)..|..&Xd...../Xt...(.BW...a..F.R.....Y.C.....rN...........6....$......l.......bb..~.......yI...>..o....n..hA...T..........+...*^...[.......M.........Nj...T.._3....A._3......}...m..._...........!..-E......-E......-E...o..L........a...#...a.....$.>.....&.....p.,n......C.....=.K....2@.O....d..V#...f..n......n.....v..x~..t...&........$...!..Q.......V....|.._...V...t7..Z...(....i.....H;..<...b...........Q.......X....1......4|..b......$....ch.'Z...]k.;_....q.L.......U5...-..z.2..51..Ji..}............U..$4...D...1..:...V7.......................)..e..$...=......=.....7..I&..PU..!...N....w..DD..A..8....F..Q.....'.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtdeclarative_hu.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):60508
                                                                                                                                                                                                    Entropy (8bit):4.5358592744331006
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:kqThM34iRSFTYetcPvv8qpue5QdxlmVzRe2f/upvV8B7Uwqz7++2VuJAtGQaWQbj:xhM34iRSFTYetcPvv8qpu7dxlmVzRe22
                                                                                                                                                                                                    MD5:D9CA88AE1E456538CD25136B898DECAD
                                                                                                                                                                                                    SHA1:3B4C6CDFF2175BB267B2125CAEA31CA408C2AB29
                                                                                                                                                                                                    SHA-256:49391E359D5657B4AB4EB5736484C804860C03F4FA5CEF2030D8DF6CDED5FD19
                                                                                                                                                                                                    SHA-512:5C02328BD96C4BF93652F81D2D114F434E7F580E0DA5BFB2FB87A83417450B37EE94EB29EC0BEC444D2959F76F1A0AA3B3E31ABD0F5876ACE44D2FAF4DFB1CD6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......hu_HUB..........v...Ht...6..!n......vS......zd..'..(2......T.n.....[=...~..^.......^,...`..t.>...$.......+..Md..........M#..d...~.......s;..g.../E.....me..Xt......1...................|..|...(~.......[...B..<..H!E...G.XJA...&._.s..K..j.R.....u&....}.|)^..:o......!...I2...?...4......#...f....Y..+ ......7.......?:...}..K....}..X5..x..!C......D..<D..H%.....<..!g)..xh.&Xd...V./Xt.....BW..._f.F.R...#.Y.C...g.rN....T......5h...$...@..l....R..bb..z.......t....>..k....n..e....T...}......)...*^.....................:Q......Nj...Q.._3......_3....y.}...j|.._..............-E...C..-E.....-E...a..L........a....$.>..,..&.......,n......C.......K..../..O....b..V#...c..n.......n.....k..x~..p...&.......$......Q....^..V......._...T-..t7..Y...(....=.....F2..<...`H..........Q......X...........3;..b....6.$....ac.'Z...\(.;_......L.....i.U5...,..z.2..3...Ji..yJ...........U.."Y...D......:...Sf.......U......|[.......D..e..#...=......=......7..G...PU.. ...N.......DD..@..8....D..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtdeclarative_ja.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):45301
                                                                                                                                                                                                    Entropy (8bit):5.698459762069523
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:6U7Co6gFOOP04UhNglGVX0Oqo1okO/RFfXDZ+vIhLYKcW9IisiKpTpc:nrF04UhNGGVX0to1w/RFvDZ+giKcW9IK
                                                                                                                                                                                                    MD5:B90131311A7909C38E9A2322191DD837
                                                                                                                                                                                                    SHA1:ED58CB2CF372B3CE365E61E6F621801F602BCBF5
                                                                                                                                                                                                    SHA-256:48510E832351AF8707FBA6DAC755B43D65182C7B826296805DB463F2F8431C69
                                                                                                                                                                                                    SHA-512:18FC74AF5C491DAC265EC8615311C28D4B6152BF9C405675E37C29CD819928AEDC7C25D413950F268E0CF1B29B9BEF78BB23112F7D3BA257B2C5AD15A0418C1C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......jaB..........W...Ht..e...!n..|:..vS......zd.....(2...q6.T.n...0.[=...\T.^.....n.^,...GG.t.>...8......._..Md..........9#..d...\.......T...g..."......P...Xt..gn..1...g......^u..........|...........|....B..,..H!E...y.XJA...B._.s..7..j.R...c.u&...j..|)^..*...........I2..k....4..a...#...L....Y..........(........h...}..8....}..@...x.........]...<D..5......+..!g)..X..&Xd..aj./Xt..j..BW...F:.F.R.....Y.C..w=.rN...s.......&....$..m...l....X..bb..Y.......U....>..OT...n..J....T..d_..........*^..}~.................Nj...<\._3...o.._3......}...N..._....o......u(..-E...-..-E...0..-E......L........a.......a.....$.>..!..&....v..,n......C.......K....#{.O....H'.V#...I..n.......n........x~..R...&........$.._...Q...p...V....,.._...=...t7..A...(..........3...<...F.......`...Q.......X...........%...b......$....G..'Z...C..;_....Y.L....x..U5... d.z.2..%...Ji..Y4......qh...U...a...D.._...:...=h..............[=......rf..e......=......=...-..7..4...PU......N....4..DD../%.8....2..Q..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtdeclarative_ko.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):49579
                                                                                                                                                                                                    Entropy (8bit):5.789790241643706
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:D9AZqzd0Vy7zk/is2saS7pPr9pW/OxDTBcnJjx:ZZd9TswS7pPC/OxDTBcj
                                                                                                                                                                                                    MD5:C00B1C9F0AD0F9CF66B58BC34171FDF0
                                                                                                                                                                                                    SHA1:9CEA2DB1FC727FEBAA6254FF3C080A6F17B7BEF0
                                                                                                                                                                                                    SHA-256:C9696191BC98A97F8E2D338E474DBC3B186B562BE3185164C90EB204A4A084C3
                                                                                                                                                                                                    SHA-512:210854A478325A3C7703B14A8ED2761312754FF152335E899CDEDDEF6009E7FBCDBB83E2FFCEA36553869AE302AD4A06F1C898BE3CDC346E4F4509EE2C928EBC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......koB..........o...Ht...+..!n...E..zd..4W.(2......S{......W....W..[=...vf.^.......^,...\=.o2^..(a.t.>...7.......H..Md..........M...d...v.......j...g...9......f-..Xt......1....e.....z`..........|...4............B..A..7"......H!E..-..XJA....._.s..L/.j.R.....u&.........../...I2.......4..}...#...a......yV......Cp...}..L....}..U...s..f...x../......y...<D..J9.....A..!g)..p..%j....*.&Xd..}../Xt.....BW...[4.rN...........>....$...7..l...............bb..rL...)...l......mW...>..d....n..`....T..........5........B..*^...................5.:Q......Nj...P.._3......_3......}...d.......N..._...............-E...;..-E......-E......L........a...z.$.>..8@.,n....L.C.......K....:z.O....]..V#..._V.b_...j..n.....g.n.......{........x~..h...uu..?6..&........$..z...Q.......V......._...R+..&...t...t7..V6..(....9.....H...<...[...............|...Q...........<.......q...b......$....\..'Z...Y .6....._.;_......S....#F.U5...7..z.2..=C..Ji..p........+...U..0T...D..{...:...Q...............sA....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtdeclarative_lv.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):53940
                                                                                                                                                                                                    Entropy (8bit):4.611643276008973
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:TiTK9d2qc0jaNdFuuoEtUuzK/j6pqWPeRRV8PeuiGRPuL1K4Pul:GT4hT1PEtoGpqWPeRoPe6RPuLal
                                                                                                                                                                                                    MD5:0C92EB9D23D32D908856851450A368B6
                                                                                                                                                                                                    SHA1:F069C4D78018C09E5AF2D5B4CC303B6FA1F890BA
                                                                                                                                                                                                    SHA-256:17ADE65CEB98DADA9828DAF8990472BFB8A8EA497BA8DEBE7D2722138984BA65
                                                                                                                                                                                                    SHA-512:EE13DA755FE046BCA1A440E008C1EB6A086099EC7818B49E1CD582436A452E766378D83A857172281355E290CCAC51BB27B0E4629ECF890F6A5B37C065306421
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......lv_LVB..........i...Ht..{...!n......vS......zd..$..(2......T.n.....[=...oS.^.....m.^,...T..t.>...i.......,..Md...>......Dr..d...o.......f6..g...*......`...Xt..~S...D..le..1..........r........~..|...$............B..5..H!E.....XJA....._.s..B..j.R.....u&....V.|)^..3...........I2.......4..v...#...Z....Y..&.......0.......7....}..CA..x...l.....qQ..<D..@*.....55.!g)..j..&Xd..v../Xt.....BW...S;.F.R...y.Y.C.....rN.........../....$......l...........g....>.._a...n..Y}...T..z.......%...*^...E.................Nj...Hu._3......_3....C.}...^;.._............s..-E......-E......-E......L........a.......a.....$.>..(D.&.....H.,n....&.C.......K....+".O....U..V#...W..n.......n........x~..c...&....o...$..r...Q.......V......._...J\..t7..L...(..........>o..<...T.......u^..Q....Q..X...........-...b....C.$....U(.'Z...P..;_....o.L.......U5...'y.z.2..-...Ji..k........%...U...X...D..s...:...I...............n........=..e......=......=......7..?,..PU...x..N....)..DD..8..8....=..Q.......

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtdeclarative_pl.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):64190
                                                                                                                                                                                                    Entropy (8bit):4.580664230973424
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:ZTc4CALkXqek2bL0uifGW10uOij9sbCnzJsQqO6phvosvEhrKn92e:Zo43LjQpsTj9scJRqO6phJD
                                                                                                                                                                                                    MD5:613579C7EAE099B36B0EA0AA40F1D5D0
                                                                                                                                                                                                    SHA1:5CF3C1E7A05E45DE18232C23384560190C3C6E11
                                                                                                                                                                                                    SHA-256:A2BD73094DA6595EF58F48319694EEF36F07F76D014FDDD8A8C3546349691280
                                                                                                                                                                                                    SHA-512:CCCBD181B1790FF940DD3FDF1FE2A3E4F57FE8EE9C4DBF23465C648F1F767091F47F5DD2864A699EE6BBD240CD7CB759D567F62D83A9BEDA7ABA22CF8049AE63
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......pl_PLB...@.......8..Ht......!n......vS...,..zd..>..(2....&.S{....!.T.n.....W....lF.[=....'.^......^,...sp.t.>...........%..Md..........`K..d...............g...F6.........Xt......1....B................|...?r...........B..R$.7"....B.H!E..6..XJA....._.s..^..j.R.....u&......|)^..P.......9...I2...C...4......#...y}...Y..B9......W......N.......Tq...}.._&...}..j...x..8.........!g).....&Xd...>./Xt.....BW...q..F.R...&.Y.C..........L=...$...0..l.......bb...w...).........../...>..~A...n..xA...T...e......@...*^...*.................:Q.....Nj...d.._3......_3....X.}...}..._....a..-E...d..-E...a..-E...J..L........a...t.$.>..C..&.....c.,n......C.......K....F..O....t..V#...v@.n.......n.....\..x~......&.......$......Q.......V......._...g...t7..j...(..........[Q..<...r...................Q......X...........JJ..b....:.$....s..'Z...n..;_....}.L.......S....,U.U5...C..z.2..J...Ji...........X...U..:....D......:...fh.......7.......t..e..:...=...R..=.....7..\"..PU..7...N....N.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtdeclarative_ru.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):67138
                                                                                                                                                                                                    Entropy (8bit):5.172234333233121
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:hEKkY6PcTUZ8Zyn4xUQ/Y3zmb72JBkoUjWBLozoU20SAY8r:OKBRY3zq7Ixm
                                                                                                                                                                                                    MD5:65D100732E5F2B9F490D52B54C0A4F98
                                                                                                                                                                                                    SHA1:255B4224966D683C264FD44415811A962464E20B
                                                                                                                                                                                                    SHA-256:5AB39DABF085583A0BD4D98894CEFEC4B1D788E820BB51BB60851F8F50793196
                                                                                                                                                                                                    SHA-512:1E0352A93054BBEE4ABD4C232F639C907D92E6464BD403F4630FC026C33E8EE7D560684F44762B57C0AA584DE09C811461113EB1872F2225AC2D0C7E7AFFDD68
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......ru_RUB..............Ht...?..!n.....zd..E..(2....;.S{......W....s?.[=....@.^.....U.^,...z7.o2^..7..t.>..............Md...~......e...d...............g...L..........Xt......1.....................|...F)......."...B..V..7"...%..H!E..=..XJA...._.s..d..j.R....u&...........@...I2.......4...+..#....c.............X....}..d....}..o...s...b..x..@..........<D..a5.....U..!g)...K.%j.....&Xd...S./Xt.....BW...x..rN..........S&...$......l...............bb.......)..............>...X...n.......T..........G:.......p..*^..................A.:Q......Nj...j.._3....k._3....z.}...........f8.._....$..........-E...q..-E......-E......L........a.....$.>..J`.,n....X.C.......K....MR.O....{].V#...~..b_....*.n.....].n......{........x~......uu..S...&........$......Q.......V.... .._...l...&....M..t7..q"..(........._2..<...y........u.......x..Q....(......P...........b......$....z..'Z...u2.6.....E.;_....9.S....1..U5...Iy.z.2..Q+..Ji...!.......m...U..@....D......:...kl.................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtdeclarative_sk.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):48654
                                                                                                                                                                                                    Entropy (8bit):4.548235735945666
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:DrJXS+Wrwn2jxvoDpr6kkxC+WzzA+bxybPFCQCQRg0oyVgxdLX:D1XS+WrwnuvWor8zrxZQCQRg0VVm
                                                                                                                                                                                                    MD5:8C2A3EDB1D046D6FE94C243DF19A1F93
                                                                                                                                                                                                    SHA1:62769EB0CBA341DD40D5373A26B19034873AD284
                                                                                                                                                                                                    SHA-256:F95360E7CF10169E2BB3373C4FA5153D35F1843474D7ECE4232E7030E945A9B3
                                                                                                                                                                                                    SHA-512:BB22E423E227BBDBB08DA21F8BC2803CA041F54A283D2CBAC4B5F883CBCEDCAE23215B1CDEF3199292E91E518E2816406552D031EA8F75EB1B18705A09284119
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......skB...........?..Ht..(...!n..t...vS......zd...K.(2...dZ.T.n.....[=......^,...Yw.t.>..z.......=u..Md...8..........d.......4c..7.......3r..g...D..........Xt..+!...D.......D..iI..1...+.............../..|...........u+...B..L..H!E...f.XJA....._.s...J.j.R.....u&.../..v....$.|)^..K........?..I2..0....4..#....Y..@.......I.......N....}......x..........7..<D.........PN.!g).....&Xd..#'./Xt...h.BW...X..F.R...k.rN...f.......G....$..8...l................>.......n..]...........*^..v.......4.......5....4...6.Nj...j.._3...c..e....'..}...aD.._.......L....=..q...7a...a.......a.....$.>..B/.&....nv.,n......C.....:.K....EY.O....Z..n.....~.n........&........$......Q....N..V......._...k.......j..<...X......."k..Q....j..X...........F}..b...>..$....Y..;_......L....p}.U5...Ah.z.2..G ..Ji..........d....U.......D.. ...6N......:...kZ......?........z..e...6..=......=......7......PU......N...x...DD..Qt.8.......`.u..N..d.`...k.d.`.................[...>...P...>...go......6...Us..|...".

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtdeclarative_tr.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):69650
                                                                                                                                                                                                    Entropy (8bit):4.61682450810444
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:FkjDyoRPH151JiCeX8trHJ4zJnzqzAarfjMF3MYqFpSP+8GzXwyXPIIYmk/QpjAu:FkjDyoRH151JiDX8trHJ4zJnzqzAofjP
                                                                                                                                                                                                    MD5:E8D7B3F12F90DD66356F5B07EEE3E726
                                                                                                                                                                                                    SHA1:11F1AF22C312FB5218DFCF7071598B1385A2F9AE
                                                                                                                                                                                                    SHA-256:67012FAFEC015B557098F9CEA26618B0E18B567C424455F9A3F35492437F9DE7
                                                                                                                                                                                                    SHA-512:0E86FE8A376C087DE8D5FD97AE769464C7E0E4EDCF82A10270193ACDB301FE726D269C9FD4A4FC413634B77711BDC73B5EBEEC7703339912183B67224FB059E1
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......tr_TRB...p.......^..Ht......!n.....vS.....zd..E..(2....y.S{.....T.n.....W....p?.[=......^.......^,...v..t.>.............Md...t......c...d....h.......f.......M..g...L..........Xt...A..7.......1...................{..|...FO...........B..U9.7"...$..H!E..>,.XJA....._.s..b..j.R.....u&...........@...I2...n...4......#...~%.............Wl...}..b....}..l...s......x..@..........<D.._w.....T..!g).....&Xd...!./Xt...J.BW...u4.Y.C.....rN...........RA...$......l....*..........bb.......)...............>.......n..|....T..........Gf..........*^...J.......I.................:Q....=.Nj...g.._3......_3....*.}...........d,.._............T..-E......-E...g..-E...T..L....S...........a...l......R.$.>..Jd.&.....M.,n....F.4.....R.C......K....M`.O....w..V#...{..b_......n.....s.n.......x~......&....n...$...5..Q.......V......._...ie..&.......t7..nH..(....s.....]...<...v........'.......z..Q.......X...........P\.......C..b......$....w..'Z...r,.6.......;_......L.......S....2..U5...I..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtdeclarative_uk.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):63981
                                                                                                                                                                                                    Entropy (8bit):5.191818337312617
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:ob0qDvWp6aREwD1TiZ+9Mw97DsAX4agiNEOcC4M6aqxmsm3tsDbT/r8UnpsfDv3i:obZD/+59X6a3jAK3NIuF5lBHpsJo7I
                                                                                                                                                                                                    MD5:9AA6CE53C68384B3AA5CA91148A642C1
                                                                                                                                                                                                    SHA1:D2D1AAE0E50C21DCD700E2CF2D468F79D140B6BC
                                                                                                                                                                                                    SHA-256:87246C7A96252B0611DD03FC8F1F4591CBE4F10C28D49E45911FCA686DAD72C9
                                                                                                                                                                                                    SHA-512:31F6BA572AAEBA63CCC01D13CBC756454EB7F7E354BB8AA332E7B6B4D10A31E926BD8FE70667F9396C4A24DF28B75D3D630B7BDD03889F45C332D3E39A82012F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......uk_UAB...H..........Ht......!n...z..vS...I..zd..=J.(2....`.T.n.....[=......^.....A.^,...s..t.>..............Md...J......`...d....4.......g..g...C..........Xt...l..1....*..............r..|...=............B..P..7"....B.H!E..4..XJA....._.s..^..j.R.....u&......|)^..N.......7...I2...'...4......#...y....Y..@.......K9......SP...}.._h...}..j...x..7S.........<D..\......P..!g)...x.&Xd...../Xt.....BW...r..F.R...].Y.C...k.rN...........I....$...&..l.......bb... ...........>..~6...n..xL...T..........>...*^.....................Nj...e.._3....v._3....?.}...}..._....X..........-E......-E.....-E......L........a....$.>..A..&.......,n....,.C.....J.K....Ds.O....t..V#...v=.n.......n....._..x~......&....k...$......Q.......V......._...g...t7..k...(.........Z...<...r........-..Q....9..X...........G...b......$....t..'Z...n..;_....o.L.....].S....*e.U5...@..X....R..z.2..H\..Ji...F...........U..8E...D......:...fv.......g..................e..8...=......=.....7..Z...PU..6I..N......

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtlocation_bg.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):42381
                                                                                                                                                                                                    Entropy (8bit):5.295235540089978
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:y65z2WQA1k4wZHjUASCGJc01jKms91Z5xdDCsR1gua44vMeOJrxQ27FJIMSVveL9:y8zh1wZHjUtCGJc01jKms91Z5xdDCsR1
                                                                                                                                                                                                    MD5:92FF1D699E95910056164F2C341BD3A2
                                                                                                                                                                                                    SHA1:2F4E34F8FBAE5EC06C493F9423C09E7FE2FE6CED
                                                                                                                                                                                                    SHA-256:EF1DDD08A34D1E33B448F52CC2616D07786C6FBAB98650002AF08B986737BF53
                                                                                                                                                                                                    SHA-512:E73E4DD664AA02521630EB78759077030F06289CDADE93303B7C92A63168AAF9F4A9DD56E691D48ED61D9110892C64B75CEAB9D90FA07681A5F7E6AA4E3282B3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......bgB..........D`......fr......GK...`...........H......X......\Y..H0.....Jc...f'.M......R....gd.S....K..Ui...R..W'....}.Zl...R..\dg.....l....`..m....`F.u....ae.w.....2.z....b..z...b..z....c1.}Ad..Y....D..B...l.......0D..$...!...H...?...dH...................n..........>.../...N..#....A..,.......ARt..&..O....?_.U?......X....N..jm......v....Nu.xU5.....|.%..xa.|...:....>..........R.......Kd..W...1........B..... ...J.......y$..^D.....Y...............t../b%..k].>.4..9?.L....[{.NI...Lz.P....D..fC...........2....%..v................2......>....h.._x..tT.........,P.+....Y8.9.b..J..Q....p..Z....{..s....o7.|lU..._.~v...Q=......@... .......{...........=....D..6.......8...i...W@..~...B..)........`..j...g...'i.3B......?*...[..B.....>.j"w.....l....9..m.... ..p4......|....4..~....,....,..........e.......|\......S...h...F....!..W.......F4..1N......a..8...^......z5.........UK..tt..P....@...R..e...&....Q..2J.+S...r..B.r.....QS......lI...h..m.......o....w..y=...........\...}.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtlocation_ca.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):46319
                                                                                                                                                                                                    Entropy (8bit):4.597761631279893
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:wV4vjV1zxgEi5+3BVsulfli4RmpRsdeS6mXrJMFPT+ujX9tC1:wOvjV1zxgEi5+3BVsulhmpRsd/6mXrJR
                                                                                                                                                                                                    MD5:99802CDA17418670BC2106F5EA93928C
                                                                                                                                                                                                    SHA1:2F523297032F2BC2F413143968A86EF48A9D8A12
                                                                                                                                                                                                    SHA-256:BB17AB4C76A6B995F1DC24DD06E1B1B72BA0DF98EA3CB20FC3D2997A9DC5CDEA
                                                                                                                                                                                                    SHA-512:1732CD2F1F83B7600F070050399878811649A751DE70C3F429598B55A859F849EFD1DD55512FE41D7BCDF7A92FE4E6C3A9B950E9E8F714C5866F172A2D1EDBB4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......caB..........N...............p.......Q....`...........X......b......f...H0.....C.....9.H.......Jc...p..M......R.......R....q..S....U..Ui...\v.W'....C.Zl...\..\dg.....l....j..m....j..u....k..w....&1.z....m%.z...m`.z....m..}Ad..d....D..L...l....z..0D../...!...S+..?...n....................n..........H.../...W..#....K..,.......ARt..1..O....I..U?......X....X..jm......v....XP.xU5.....|.%.....|...E4...>...:......\.......J......Uo..W...=..............*...J...&...y$..h......c................../b%..u..>.4..D..DD......D`T.....L....e..NI...Vq.P....Ot.fC...'.......> ...%..........%...............I....h..j&..tT...,.....7..........+....c\.0.......9.b..T..H.....J.Q....{c.Z.......s....y..|lU...Y.~v...[H......J........... ...#~..{...........G....D..B.......C$..i...a/..~..'E..)........`..u2..g...2p.07......3B..."o.?*...e9.B.......j"w.....l....D..m....+f.p4....n.|....@9.~....8....>.......,...........\......o........H......]...h...Q*...!..a.......P...1N..(...a..C...^...&..z5

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtlocation_da.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):44056
                                                                                                                                                                                                    Entropy (8bit):4.687332406279301
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:XkkA299B7tfp89dGF9RfNIEoj4VnWZP8Ceun+LkyJEJPNdRcqmWwO2yBTZz7POmJ:XbA299B7tfp89dGF9RfNIEoj4VnWZP8u
                                                                                                                                                                                                    MD5:F53C606AF261BDE88257C9C2901EB1C7
                                                                                                                                                                                                    SHA1:185063DA37D32A37E5A1E86DC7A0DE83FB240471
                                                                                                                                                                                                    SHA-256:E37E59E61D4987DEF2D4A7763086171B86AAFEB05FD0E64F6BA90A50C882503A
                                                                                                                                                                                                    SHA-512:9EB942EAFA8101670DCDB87BB4C6D9FBFA1330976339BFA6DF43351DA211A3FD74CB60E2C908A22E35AF3E9CA67B629A149C2749DB99CDEEE5C977B2067B3985
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......daB..........L...............mY......O....`...........y......_f.....cH..H0.....C.....@.H.....G.Jc...m..M......R.......R....nI.S....S-.Ui...Y..W'......Zl...Y..\dg.....l....g8.m....gq.u....hr.w....#..z....i..z...i..z....j&.}Ad..`....D..J9..l.......0D..,...!...Px..?...k%.......f...........n...5......F1../...U?.#....Ig.,.......ARt.....O....G..U?......X....V1.jm....{.v....U..xU5.....|.%..~..|...B....>..........Y-......R...W...:W.............'...J...#...y$..e......``..............z../b%..q..>.4..Ac.DD....N.D`T.....L....b`.NI...S..P....L..fC...%'......;w...%..|.......#........O......F....h..f...tT...s.....4........!.+...._..0.......9.b..Q..H.....q.Q....w..Z.......s....u..|lU.....~v...Xg......H5.......... ... ...{...........EN...D..?;......@[..i...]...~..$...)........`..q...g.../k.07......3B......?*...a..B.....I.j"w...W.l....A..m....(..p4....{.|....=`.~....5....,..................ls..............Z...h...Nq...!..^\......M...1N..&...a..@...^......z5.........\...tt

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtlocation_de.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):47076
                                                                                                                                                                                                    Entropy (8bit):4.624044967308464
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:svSE0+ZU3Avs4Np0cucNOzAFmvEZyQSA0E7imZLTznaz+gGr:sKE0+ZU3Avs4Np0cucNXFmvEZy9A0E7l
                                                                                                                                                                                                    MD5:0E5F1FF24DFA1232E6A0C102291CE81E
                                                                                                                                                                                                    SHA1:A75D0434F4A7F4D1B23C822412AC1A5674EB3DF8
                                                                                                                                                                                                    SHA-256:A0EB0CFF31C137D321E3F1C0CDCEFBB4C52B86FDC31FA74C6975F2E4D9B6F23E
                                                                                                                                                                                                    SHA-512:F8B68B4603CDB0EA74768D823B03DFCB11643A6E5F55AF34BBA0DC9F6F0578D87AFB8100E35FC0106C322974246680D41775D3A0679652370849A7AA081250A7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......de_DEB..........U)..............y.......Xl...`..................k......o+..H0...%.C.....I.H.......Jc...x..M....f.R.......R....z..S....]&.Ui...d:.W'......Zl...d..\dg...D.l....r..m....s..u....t..w....+..z....uS.z...u..z....u..}Ad..l....D..S$..l....F..0D..4L..!...Z?..?...v....................n...$......N.../..._t.#....R>.,.....f.ARt..6j.O....O..U?......X....`n.jm....x.v...._..xU5...C.|.%.....|...J....>.."f......c..............\...W...B@............./:..J...+_..y$..q$.....l%.......?........./b%..~e.>.4..I..DD......D`T.....L....n;.NI...]..P....U..fC...,.......Cp...%...O......*...............O....h..rH..tT.........<..........+....k..0.......9.b..\..H.....Z.Q.......Z.......s.......|lU...9.~v...b.......P........... ...(F..{...........M....D..G4......H\..i...i)..~..,3..)....X...`..}...g...7P.07......3B...'I.?*...m..B.......j"w..#..l....J2.m....0P.p4......|....E].~....=V...>...l...,...w.......P......x>..............e...h...W....!..i.......W;..1N..-...a..H...^.....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtlocation_en.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):16
                                                                                                                                                                                                    Entropy (8bit):4.0
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:j2wZC4n:CwZ
                                                                                                                                                                                                    MD5:BCEBCF42735C6849BDECBB77451021DD
                                                                                                                                                                                                    SHA1:4884FD9AF6890647B7AF1AEFA57F38CCA49AD899
                                                                                                                                                                                                    SHA-256:9959B510B15D18937848AD13007E30459D2E993C67E564BADBFC18F935695C85
                                                                                                                                                                                                    SHA-512:F951B511FFB1A6B94B1BCAE9DF26B41B2FF829560583D7C83E70279D1B5304BDE299B3679D863CAD6BB79D0BEDA524FC195B7F054ECF11D2090037526B451B78
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtlocation_es.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):23400
                                                                                                                                                                                                    Entropy (8bit):4.567583097346024
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:q3nx9GUWU3ZGsh3x2WdOhhYhFZkxhv9eVFCsLqC3RIMg0Ky/Vgon2g1/WTJ2naBr:q3nPjwYWZ9eVFCsLqChIvfGCz
                                                                                                                                                                                                    MD5:863538E2D271EF492290F47BB3D78696
                                                                                                                                                                                                    SHA1:35D6714B96FA5857280956AC454942278BB19749
                                                                                                                                                                                                    SHA-256:0312EC0AC787F1C09C9B0FF12C1338E9B55629C61719817A2B0068000ABC3093
                                                                                                                                                                                                    SHA-512:287AF0A69FB9BA385A4FC49F3A8AA1548F044C53938004E2A7CADC743331D0301336C9FC9EAC8CA1976A0DA545F5A5F9DDD76ABC9F628894E2EFBA139B17881F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......es_ESB.......`..K.......A*..H0..B..M...A..W'...J..\dg..F..w.....@..l...H.......<.......U....n...y.,....P..P{... ..jm......xU5..E..|.%..3[...>..........S&..J.................../../b%..&Q.8Y......fC........%..1...............I^..tT..U..Q....+..Z....6..s....*+.|lU..>q.. .......{....A..~...V..)...R....`..%..3B......B....O&.j"w...A.p4........,..I...............78...]..$...1N......~....o..^......z5..:....@..:6.+S...-..B.r..J%.QS......m....M/.o....2...}...K........(..k....\..1N...\..(~......* .....'1N..L..I............,...(p..?o.....C...k...?...N...8.l.^..........R.......>.......Fr..2.......m...G....n......|...8:..B..N_..2...I..<P...H..Fy...I..duu..;Y..=...J....~.......Y..K...4...........*..-....;..-....D..v.U..<].v.U..D...L...O......."...z~...3.......X..t....\..}............'...~...c.#....B+.'.p..@..E.......H.......J....M..N....-..]....?..]....GE.lY...9..w....M...y...5.......T.......,..........&O......W....S..l....KP.vr...........=.......E.......HE...P..)....>.....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtlocation_fi.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):43724
                                                                                                                                                                                                    Entropy (8bit):4.684228399024422
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:GCUOfu0QRthPYygfkgP6u5Dz3xGnlrerwqmNoSd0Zcegn2i2UYxXZAhOghdd:GhOfu0QRthPYygcgP6ZlrerwqmNVd0Zi
                                                                                                                                                                                                    MD5:45E8E7A5847D88EB4DE7088149F5EFF3
                                                                                                                                                                                                    SHA1:58783F6E0A39A5534F719DE3D5C844790E559288
                                                                                                                                                                                                    SHA-256:D0E2A47A4E99022AA612B88271FBFB4D6F309CDE28A972E3A83D349AAF5170FE
                                                                                                                                                                                                    SHA-512:0EC77F96D80E9D63E4B90E1A2A274369EFFC4B566237E2E53CE4C58D0E0041E9118A0151FB227AC91B1712B6A38BDA8B3CD19EDDE6A6B032B51D681B87EB9745
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......fiB...`......K........'......m.......N....`..................`h.....d`..H0.....C.......H.......Jc...m..M....-.R.....j.R....n..S....S..Ui...Y..W'....T.Zl...Y..\dg.....l....hb.m....h..u....ip.w....$..z....j..z...j..z....j..}Ad..a....D..I...l....}..0D..-...!...P<..?...k....................n...e......E.../...U..#....I..,.....=.ARt../..O....F..U?......X....V..jm......v....U..xU5.....|.%..~..|...B9...>...C......Y?......R...W...:=.............(...J...$...y$..f......ad..............{?./b%..r..>.4..@..DD......D`T.....L....cn.NI...S..P....LS.fC...&-......;C...%..}.......$...............FN...h..g...tT...Q.....5F.+....`..0.......9.b..Q..Q....wn.Z.......s....v .|lU.....~v...Xg......G........... ...!...{...........E....D..>.......?...i...^...~..%...)........`..rQ..g...0..3B...!..?*...b..B.....?.j"w.....l....A..m....)..p4....[.|....=..~....5....,..................m........U......[!..h...N%...!.._N......M...1N..'(..a..@R..^......z5...i.....\]..tt..W....@......e...07...Q

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtlocation_fr.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):22158
                                                                                                                                                                                                    Entropy (8bit):4.5544025106195605
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:Ljj4rBY5xbF9eoF1UzjixHKmKEGMvKVio5TcUR2/mxBliIWt7:LXJ9eoF1UzjixHKmKEG5wqi
                                                                                                                                                                                                    MD5:6607B40522F5BE340CD7CBC908402F85
                                                                                                                                                                                                    SHA1:4F6D0018E52563ABCDBDB5E2BCEE18C37E65CA95
                                                                                                                                                                                                    SHA-256:4D617E74E9112FAB4BCA93C8546F3F2FA429CFE544658581D4C12AEE9598F3D5
                                                                                                                                                                                                    SHA-512:BC674E07834EC402B49412D3D401789F396A6058D047424D99995BA5F7A79EE837D3B01A504CBFCD62547B8676636118EF73C7162E2DF6C92EA0E172ED8293D8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......fr_FRB...X...`..Fz......<...H0..>..M...==.W'...E..\dg..BO.w........l...D%......9 ......Q|...n.....,....K..P{....n.jm....n.xU5..AJ.|.%.......>..........Nn..J...........*../b%.. ..8Y....H.fC....B...%..,........E......D...tT..Q..Q....&..Z....2\.s....% .|lU..:... .......~......)...M&...`.. ].3B......B....J2.j"w...&.p4....l...,..EN..............3....]......1N...;..~.......^......z5..6....@..6S.+S...(..B.r..E..o........}...GL..........k.......1N......(~...&..* ..)..'1N..H/.I.....W......'w..(p..;......?1..N.....l.^...{......M.......:X......A...2.......m...C....n...h..|...41..B..Ic..2...E..<P...C`.Fy...D~.duu..7b..=...F2...Y..F...4....v......%..-....8..-....?..v.U..8r.v.U..@E..L...J...........z~..........)7..t.......}....j...........~.....#....=..'.p..<=.E.......H.......J....H..N....(..]....;d.]....B..lY...5..w....H...y...1l......P.......'..........&O....N.W....N..l....F..vr...........9.......@.......C....P..$...k...*..(4~...Z.4....%..U.e..>~.o-...3...\..............

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtlocation_hu.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):23755
                                                                                                                                                                                                    Entropy (8bit):4.704732362353833
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:+pfUUViBHKOFDWk5j5rM6eold12b3D2DlmxQNT3noecFU1ITgDsAIMiDoDpDcy2F:+1sBHKOFDWk5j5rM6eold12b3u5T3noJ
                                                                                                                                                                                                    MD5:A1F46148F97BEEFA410DCDE6F3235623
                                                                                                                                                                                                    SHA1:8F400D3DF4E70424FB85FA8A2AAED52E621C0F4E
                                                                                                                                                                                                    SHA-256:C88E21DFE65A71EE01CFE5E83650B58F84FB18E67DE6BFB9A157688C5E492DAA
                                                                                                                                                                                                    SHA-512:34E3EAD2DD0B019DB7FDC136CBD90E717F7899F31A7102CBDC79C4028F5D9F5035D740A67E5B92C71969BA94EE3DE56DD49A0A05F1D9625B6F5726D866BFC2BD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......hu_HUB.......`..L.......B...H0..D9.M...C..W'...L..\dg..HR.w........l...J8......>.......Wn...n.....,....Qn.P{..."..jm......xU5..G[.|.%..5....>..........T...J...................1N./b%..(W.8Y...!..fC....'...%..3I..............J...tT..W..Q....-q.Z....8_.s....,..|lU..@7.. .......{....E..~......)...S....`..'..3B....(.B....P..j"w...K.p4....#...,..K_......!B......9....]..')..1N......~.......^......z5..<|...@..<..+S.../w.B.r..K..QS......m....N{.o....4a..}...M;..........k.......1N...v..(~...;..* ..0d.'1N..N..I.....J.......Z..(p..A9.....Eb..k...A...N.....l.^...\......T.......?.......G...2.......m...I!...n...U..|...:...B..O...2...K..<P...Ik.Fy...J..duu..=...=...LE...~.......Y..L...4....s......,..-....=..-....F..v.U..>..v.U..Ft..L...P.......%...z~........../...t....x..}................~.....#....C..'.p..B..E.......H.....>.J....OP.N.......]....@..]....H..lY...;..w....O...y...7.......V.......-........C.&O....U.W....U..l....L..vr...........?~......G.......I....P..+....>.....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtlocation_ko.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):35336
                                                                                                                                                                                                    Entropy (8bit):5.8436013348626235
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:yEttXNBW6InL7/qatvBSbCv5haVY6/gQTSv5OugGOs7xBXbVNxD:yEttXNBW6InL7/qatvBSbCmVY6/gQOv5
                                                                                                                                                                                                    MD5:C5872DE86F4E259ECCF0F34FC1D000E8
                                                                                                                                                                                                    SHA1:93EF51F097B78E5CBEAF552AD3223FEA6D51F80F
                                                                                                                                                                                                    SHA-256:51B1DF77A487781E45DC4571DEB8996FD3F5C8872E895FAE618292EF6F9CE495
                                                                                                                                                                                                    SHA-512:A7AC67201797A6920D7AB47F0F4577669078DDB8FAB17030AE681BFBEE35B1200BE7BFC1A179AA6DDEC473921C3FD01875041D4DCDED154A61AB7C7CF8588005
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......koB..........;...............WF......>R...`..v.......o6......K......Ny..H0..pA.C.....E.H.......Jc...W..M...o..R.....E.R....X..S....A..Ui...F..W'...vG.Zl...G..\dg..sP.l....Q..m....Q..u....R..w.....c.z....T..z...T>.z....Tu.}Ad..L....D..:x..l...t...0D..%Z..!...?}..?...Ub......l.......~....n..........7 ../...CV.#....9..,....z..ARt..&..O....7..U?......X....D..jm....<.v....C..xU5..r..|.%..d..|...4l...>..........F..............AG..W...........}......!...J.......y$..P4.....LQ..............bL./b%..[E.>.4..3..DD......D`T.....L....M..NI...B..P....<f.fC.........../....%..c...............uN......7e...h..Q8..tT..~......+#.......p.+....L..0.......9.b..@..H.......Q...._%.Z....gE.s....^..|lU..m+.~v...E.......8........$.. ....6..{....D......6s...D..2.......2...i...J7..~...I..)...|4...`..Z...g...'..07....%.3B....y.?*...Mo.B....z&.j"w.....l....3..m...."^.p4......|....0..~....+....>.......,..u...............V.......g.......G...h...=....!..J.......=u..1N.. s..a..3...^......z5

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtlocation_pl.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):42325
                                                                                                                                                                                                    Entropy (8bit):4.764518966991693
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:wxhULHBGq3WCifK5ebOh475jJ+foxxo1KFyfDxdqWOBp6NjG8f7xua8i3:wxWTBGq3WCif1bOh475jJ+foxxo186vl
                                                                                                                                                                                                    MD5:0E8B03FC79FFADB96DA64D7BD41B2CCC
                                                                                                                                                                                                    SHA1:ACF17E370CB948BAB49546FE27C55FDEFC555D23
                                                                                                                                                                                                    SHA-256:621B346772270F905CACA455C67CA7D720D7F5EAE4AFBD64328F37AB0301C307
                                                                                                                                                                                                    SHA-512:66965C94731371B9FA48F5054294CE2F7EEDE7AE8753887312A4D672ED1833FC8836F1A689D544F311DBF0FA2DDF98DD15B336FD8ECA72BCCA557C6226E61595
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......pl_PLB..........B........l......d.......E....`...|..............V......Z...H0.....H.......Jc...dH.M......R.......R....e@.S....I..Ui...P..W'......Zl...PX.\dg...I.l....^H.m....^..u...._..w.....^.z....`..z...a-.z....ap.}Ad..W`...D..A...l....I..0D..$...!...G6..?...b........B...........n..........=.../...K..#....@=.,.......ARt..&..O....=..U?......X....L..jm......v....L/.xU5...Z.|.%..w..|...9....>..........O.......I\..W...1.............. ...J.......y$..\q.....W...............r../b%..h..>.4..8..DD......L....Y..NI...J@.P....Cm.fC...........3....%..up......................=p...h..]...tT...G.....,v.+....V..9.b..H..Q....m..Z....{..s....lH.|lU.....~v...N.......?........... .......{...........<:...D..6.......7...i...TX..~......)........`..g...g...'..3B......?*...X..B.......j"w...?.l....9..m....!..p4....}.|....4..~....-....,...p.......'......c.......|W......Qo..h...E;...!..T.......D...1N......a..8...^...S..z5.........R...tt..No...@...i..e...'=...Q..2R.+S...pn.B.r.....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtlocation_ru.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):43278
                                                                                                                                                                                                    Entropy (8bit):5.356168092610647
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:3rPTr1n/lB1XR9r4BzDFT5PAwkS0bgbUfxiFvFMF0FxqV3SuqJS/sORhSrXQFy9Y:3Xr1n/lB1XR9r4BzDFT5PAw39iabS/s8
                                                                                                                                                                                                    MD5:996499BE80ED1C7CBEB5D5B7702AB13A
                                                                                                                                                                                                    SHA1:85AF08A5FCA90F6F727629852C5B3491DC808E23
                                                                                                                                                                                                    SHA-256:8A8E223275E037F778A298415E65E64AEEEBF6B7E9ADE2C14B948C7C9F4CABB7
                                                                                                                                                                                                    SHA-512:A0D9D6EF2CA0DC4A3436833F453978176222DC772D2BF2A8CEB0C374A2902543FFC065E9FDB520ADC96A3C73BD376FC60921EEF5D1E0942573BB9F0FA55ED446
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......ruB..........I........t......k.......L....`...[..............^......a...H0...#.C.......H.......Jc...k..M....T.R.......R....l..S....Q..Ui...X..W'......Zl...XE.\dg...(.l....e..m....e..u....f..w...."..z....h/.z...hj.z....h..}Ad.._W...D..G...l.......0D..*...!...NO..?...i....................n..........B.../...SR.#....F..,.....T.ARt..,..O....C..U?......X....TJ.jm....X.v....S..xU5...E.|.%..}..|...?x...>..........W....... ......P...W...7........&.....&^..J..."...y$..c......_...............y../b%..p..>.4..>>.DD......D`T...}.L....`..NI...Q..P....J..fC...$.......8....%..{{......"#..............CE...h..d...tT...T.....2..........+....^..0.....~.9.b..O..H.......Q....u..Z.......s....t..|lU...K.~v...V.......E,.......B.. .......{....f......A....D..<"......=,..i...\]..~..#...)........`..p0..g...-..07....S.3B......?*...`o.B.......j"w...8.l....>..m....'f.p4......|....:{.~....34...>.......,...#..............j...............YV..h...L....!..\.......K...1N..$...a..=...^......z5

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtlocation_tr.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):44395
                                                                                                                                                                                                    Entropy (8bit):4.811993619856308
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:qo0WASFFI4gKsCdIMPSYq/55dGLup8cYZnN41Tanp3STycZlwGWnSGDizmbTFH4x:qoxASFFI4gKsCdIMPSYq/55dGLup8cYI
                                                                                                                                                                                                    MD5:DFD4B72D5171CE9A026FAA6F7B266E73
                                                                                                                                                                                                    SHA1:320DB1B71411E1CD84C0F80A7DAB4AB7290CB678
                                                                                                                                                                                                    SHA-256:8B7A2708F61ADD594061C5C32AC84471AE475DBF1F8E42E22B9CC84BF941E679
                                                                                                                                                                                                    SHA-512:AE99BA5A272F4823D843BAE0A35EE750DDEA01432AA0362955D7D2B0E2BCD2C25EB1B1A3C9C63516903DF6D20ABCD3DB26187FCAB163E81A227CF3BF71E03E2C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......tr_TRB..........KQ.......l......mB......N>...`...m.............._......ci..H0.....C.......H.......Jc...l..M....F.R.......R....n6.S....Rd.Ui...Y`.W'......Zl...Y..\dg...`.l....f..m....g4.u....h;.w....%Q.z....i..z...i..z....i..}Ad..`....D..Il..l....8..0D...0..!...O...?...j........c.......B...n..........ET../...T..#....H..,.......ARt..0&.O....F..U?......X....U..jm......v....U..xU5...].|.%...?.|...A....>...D......X.......L......Q...W...:X.............)Z..J...%...y$..eB.....`........7......{4./b%..q..>.4..@..DD......D`T...a.L....b..NI...R..P....K..fC...&.......;J...%..}Y......$...............E....h..fn..tT.........5..........+....`B.0.....J.9.b..Q+.H.......Q....wA.Z.......s....u..|lU.....~v...X.......G^.......... ..."...{...........Dw...D..>.......?...i...^...~..&O..)....~...`..q...g...0..07....q.3B...!..?*...b..B.......j"w.....l....A:.m....*@.p4......|....=%.~....6V...>.......,...W.......*......l|..............Z...h...M....!..^.......M/..1N..'...a..@...^.....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtlocation_uk.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):24159
                                                                                                                                                                                                    Entropy (8bit):5.295904676831055
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:I1056AkImnecIYOQ06jexFfjDtCrHawvt59eWbDDMtGBKag0XJoynMS8Dde5VVo9:IvAkImnVjexFfjDtCrHawvt59eW/DcGa
                                                                                                                                                                                                    MD5:3A8469C2443C98944C21A44BB67C2B95
                                                                                                                                                                                                    SHA1:6E716D3F505D2538BA39872AFEB408557B715DD1
                                                                                                                                                                                                    SHA-256:1910621CE710A23F2FCE603CB3B78DA24A24C9DF497B3F26505EDD4A738B00E4
                                                                                                                                                                                                    SHA-512:5938F030F95092275AF828729B70DE039E1A19DEFF764DEA5E26FECCD73276786C0D727998D3C280A71EEBD681310623A985E6DF3ADAB519E99113F575962A4E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......uk_UAB.......`..N_......D...H0..E..M...D..W'...M..\dg..J&.w.....J..l...L.......?.......X....n.....,....S2.P{...!..jm......xU5..I%.|.%..4....>..........VH..J...................0../b%..&..8Y... k.fC........%..2...............L...tT..X|.Q....,..Z....8..s....+).|lU..Ao.. .......{....C..~...`..)...U2...`..&X.3B......B....R\.j"w.....p4........,..M/..............9....]..%...1N......~....Q..^...e..z5..=P...@..<..+S......B.r..Mq.QS......m....P[.o....47..}...O%..........k....F..1N...2..(~......* ../..'1N..O..I............-x..(p..B{.....F...k...B...N.....l.^..........U.......A.......I...2....>..m...J....n......|...:...B..Q...2...L..<P...KC.Fy...LG.duu..=...=...N....~...9...Y..N...4...........+..-....>..-....G..v.U..?..v.U..H...L...R.......#...z~...;....../0..t....&..}............Y...~..._.#....E=.'.p..C..E.....a.H.......J....Q$.N....-..]....B..]....J..lY...<N.w....P...y...7.......W.......-..........&O......W....V..l....N..vr....m......@.......H.......K....P..*....>...v.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtmultimedia_ar.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):11486
                                                                                                                                                                                                    Entropy (8bit):5.268991075562103
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:20UQRn2sg91xzuera9bIWo6P5qIJtzi82337ui:2ri2sgj6E6P5qizPWLui
                                                                                                                                                                                                    MD5:C0A0146E0F690E7CFFF468D9D2B23BF8
                                                                                                                                                                                                    SHA1:4649CDF3C53E6012810F44D8A8903EE7606F4B35
                                                                                                                                                                                                    SHA-256:5FC10414E168C1161B8590A5C173D140D31B17CF450F0AC93E666EBF7A2FF908
                                                                                                                                                                                                    SHA-512:6AA319C3CC6CEC5F6F06BDAE653F97E6B31D49DEB012DB84EE816DE5A6FFD0DD7A1395A8D387557081D87A6D54BE31EE8083A13B6BCB030CEAF4D7247701DC22
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......arB.....X.A..#.................Q.......R.....H.W.>.........%....1..#h.C|......OY....I.c....'k..]>...k..]>...M..................t..&F................|......W.......[C......p....%...#..."....n..........!..................zn......*......:.....@.C......w\^...X.............)...TD...g..T................N.....q3....z...........U.......T..............b........1..........."...............e.........c.....I.l.E.....l.E...C.l.E..)...6...'............a..$x. ^>.........!Y...... -......>............(>.#......K.s......s....t......'...n...A....&...Z..............X5A.....q.C.....x.....9...^...G...N......L.......M..."I......B.......P.w. .....};...._...... ........)..J....|.........?.............|....(...Q5..._..KT...ri..).....6.F.3.B. .E.D.A.Q.'.*. .R.A.W. .(.(.D.'. .*.1.H.J.3.).)..........RAW (headerless) file format.....AudioContainerControl.......F.3.B. .E.D.A.Q.'.*. .W.A.V..........WAV file format.....AudioContainerControl.....0.(.J.'.F.'.*. .P.C.M. .5.H.*.J.Q.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtmultimedia_bg.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):13683
                                                                                                                                                                                                    Entropy (8bit):5.206041252254424
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:rcVs16vrAWygoSWLyZ5aQVa3A3mMa83DB3eAsk:rcVs16vrAWyoWuZ5aQVa3A2Maq93eAsk
                                                                                                                                                                                                    MD5:15EA6B38E1EF62ABC6AE030ED6C665DB
                                                                                                                                                                                                    SHA1:4F541734690E100747A99D259D2DAB948BE0D68A
                                                                                                                                                                                                    SHA-256:ADD8675FBC2351FB6C8397ED36932F98553782DD4CE0498EFC5B89B050AC8626
                                                                                                                                                                                                    SHA-512:B34A1465E59F156F87879F83BA350AE7D632CE246C079BDE2976ED53B6DC6CDED1989CF6C80F53CA94498AD3EC8E573F0B60D21EEDAC742F81D0FF3C78634FF3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......bgB.....X.A..+.......$.........Q.......R.......W.>...2.....-....1..+".C|....B.OY...%...]>...S..]>..!........j..........t...n.............-..|...%..W.... ..[C......p....-...#...*{...n..........)U.................zn...,..*......:....#..C....G.w\^.........%i......1y..TD......T....U...........N.....q3....<......&g...U...}...........T..............b........1...........R......$....... ........).c.......l.E.....l.E.....l.E..2...6.../\......#@...a..,^. ^>...o.....(.......'.......P............0p.#......K.s......s.........../...n............Z............@..\T.."..X5A.....q.C...j.x.........^.......N...c..L.......M...).................w. .....};....B......(........I..J..............?..........!..|....0...Q5......KT...|i..2s....@.$.0.9.;.>.2. .D.>.@.<.0.B. .R.A.W. .(.1.5.7. .7.0.3.;.0.2.:.0.)..........RAW (headerless) file format.....AudioContainerControl.....".$.0.9.;.>.2. .D.>.@.<.0.B. .W.A.V..........WAV file format.....AudioContainerControl.....2...C.4.8.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtmultimedia_ca.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):14877
                                                                                                                                                                                                    Entropy (8bit):4.495618627792468
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:xWSMgD83O3Oesgu143Ik6f0w633EyAo3tb3Mb3y3CJ3Q3IF+P/F8NdEF3g033T3m:9M28+eesgY4npUyd9bsiSJP+Xu6Q03j2
                                                                                                                                                                                                    MD5:F4ACB5614C77260B4C1177CDB350942E
                                                                                                                                                                                                    SHA1:C53DA2DACF580A48D18E4BC36B513A6402147F4C
                                                                                                                                                                                                    SHA-256:99AAE58CE729312B4ED38DB7D8AA42C770EAA4CC3F669626F9BEB9676BC21EF2
                                                                                                                                                                                                    SHA-512:E736DD2B985F8E579598E9465C662E2D53427FC4ED05FFC1DD1580DBA485021581AD4D0700A58E971A48FF9D6455597BA486078DEDF72CEAB8B02E557FB9FA37
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......caB.....X.A../........7.Q.......Q.....2.R.....V.W.>.........1....1../..C|......OY...(..c....3...]>..!...]>..&y......................%...........t..2h.............,.......5..|...)..W....$..[C......p....1...#...._.......~...n...a..............-7.................zn......*.............:....'..C......w\^.. @.....)U......5...TD......T....Q......#J...N...g.q3............:......*]...U.."D...T..............b....[...1..................({......%U.........c.......l.E.....l.E...s.l.E..6...6...3l......'8..{4...}...a..0L. ^>.........,.......+.......`............4..#......K.s...I..s...".......47..n........2...Z..............=.......X5A.....q.C.....x.........^.......N......L....t..M...-...............Z.w. .. ..};...$.......+...........J.........../..?....g.....%..|....5`..Q5......KT...zi..6.....L.F.o.r.m.a.t. .d.e. .f.i.t.x.e.r. .R.A.W. .(.s.e.n.s.e. .c.a.p...a.l.e.r.a.)..........RAW (headerless) file format.....AudioContainerControl.....(.F.o.r.m.a.t. .d.e. .f.i

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtmultimedia_cs.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):15906
                                                                                                                                                                                                    Entropy (8bit):4.737087172418041
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:RcPvbZYqjMvs1eEt86I3f4EwKiZU8UkFPU:RcPvbZYRvs1e76I3w+8UsPU
                                                                                                                                                                                                    MD5:3BBF388844D5DB68FBE5EF1ABF01031A
                                                                                                                                                                                                    SHA1:257CC6C095C67000D4DE8F832F3447E0F755905D
                                                                                                                                                                                                    SHA-256:6F116E7A2FDEFE84A890DF1718D235E61D5731BF7C2E3E57A838F6EC9EEDE0FA
                                                                                                                                                                                                    SHA-512:3F2328AADF5A8DFECE7DDED754CAA2C3FCC861564D135C6C1D0699AAA57A986E62B652EC41352EDC0353927A512F72844A124EAC3D8551AED794731B8B13C039
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......cs_CZB.....MJ....1.OY......X.A..6%................Q.....G.R.....s.W.>...i..D..........7...}q.......1..5..C|......OY...0Q..]>..(!..]>..-.......%.......T.Qz....m...t..8h............#...|...,@.W....+f.[C.......#...4...[E......'....t......:...n...L......3...........0$...Q..zn......*...&-..*...').:..../2.C......w\^..&......0...TD..#G..T...".......)....N...X..K....*......1....U..)!......(............T.."G....... ...1.......1.. ..6..................../.......+...........V......W......c.......l.E...,.l.E.....l.E..!...Z2.......~.......~......6...9E..........&A.......a..6....S...o. ^>...*.I}b.........3.......1.................... j..'.............#......K.s......s...)....N..........9...n........8..N........Z...............\T...-.X5A.....q.C.....x.........~...p...N......L.......M...4 .....$J.......5.w. ..'..};...*...o....h......2w..........J...._..J....J.......?.....$...?..........,...Q5..%...KT..!k..G.....i..:[....(.S.o.u.b.o.r.o.v... .f.o.r.m...t. .R.A.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtmultimedia_da.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):13659
                                                                                                                                                                                                    Entropy (8bit):4.616849544167846
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:Xr0R2Psma1C9gNjFjOMFyp/vSR5p2h8klZBrNQ:XAR2PsmEFewyp/aR2ieZBe
                                                                                                                                                                                                    MD5:34BB0ECE3C0DB02ED3E1E73AE1932719
                                                                                                                                                                                                    SHA1:E23C7790CAFBA427A3E70F705B7B4CBE9F228DDF
                                                                                                                                                                                                    SHA-256:39D902411064CC5C5FD45742F1768022A1AE7953700741B2F608E3807E19110A
                                                                                                                                                                                                    SHA-512:9E1C462D2535D7262127AF3DF8028E27F57C3352E97EB28F6D4055516D453C9F60775283DD4A63EDD3ECB76C557F94F82988545B5016B764EE1DB8CA13AA87F0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......daB... .X.A..+.......`.........Q.......Q.....p.R.......W.>.........- ...1..+L.C|......OY...%..c..../...]>...A..]>..#........t..........................t...\.....................'..|...&p.W...."..[C......p....-...#...*............n...I..............).......*..........zn...X..*...........T.:....$..C......w\^.........&.......1?..TD......T...._...... ....N...M.q3....l.......:......'....U.......T..............b........1...........<......%E......"..........c.....i.l.E.....l.E.....l.E..1...6.../,......$0..{4...W...a..,p. ^>.........).......'.......*............0V.#......K.s...#..s... `....../...n............Z..............=.....<.X5A.....q.C.....x.....{...^...{...N...'..L.......M...*...............<.w. .....};...!y......(|..........J....x.........?.........."..|....0...Q5......KT....i..2.....2.R...t. .(.h.o.v.e.d.l...s.t.). .f.i.l.f.o.r.m.a.t..........RAW (headerless) file format.....AudioContainerControl.......W.A.V.-.f.i.l.f.o.r.m.a.t..........WAV fi

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtmultimedia_de.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):15006
                                                                                                                                                                                                    Entropy (8bit):4.524251350180448
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:szJCssbW1tE1I2oaaVCDKEeNByOApdLowK18C3B/:sz0ssbQt3IQBNSfK+gB/
                                                                                                                                                                                                    MD5:2EA100003233A563C03EC7B0A0C0D2ED
                                                                                                                                                                                                    SHA1:EF56DB962FC5217A0DAB92BCC6CABB1CBE825A00
                                                                                                                                                                                                    SHA-256:7D1541468BD09F4A34E78595DAEBDCFD7BF71715C34BF95C2DCCE41BF5484155
                                                                                                                                                                                                    SHA-512:799271B682DAC7C9DB10B8EB3BE5237355199A30013E08C92024C68A01806710971B0A812CBFDF023F21FD2A5298F1E3F4BFF9850D5D7E357BC12CA1F7164462
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......de_DEB.....X.A..0........7.Q.......Q.......R.......W.>...B.....1....1../..C|......OY...)..c....4...]>.."S..]>..').......Z..............Y.......i...t..3V........................|...*h.W....%..[C......p....2...#.../3.......L...n..................-...............E..zn...r..*... .........:....(r.C......w\^.. ......*.......6...TD......T....;......$....N...M.q3............@......+#...U..#"...T..............b........1...........L......))......%..........c.......l.E.....l.E...y.l.E..7...6...4<......'...{4.......a..1.. ^>.........-I......+.......B............5..#....g.K.s...g..s...#.......5...n...+....3...Z....+.........=.......X5A.....q.C.....x.....C...^.......N......L.......M...................T.w. ..!..};...$.......,...........J..............?..........&U.|....5...Q5......KT...di..7[....:.R.A.W.-.D.a.t.e.i.f.o.r.m.a.t. .(.o.h.n.e. .H.e.a.d.e.r.)..........RAW (headerless) file format.....AudioContainerControl.......W.A.V.-.D.a.t.e.i.f.o.r.m.a.t.........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtmultimedia_en.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):16
                                                                                                                                                                                                    Entropy (8bit):4.0
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:j2wZC4n:CwZ
                                                                                                                                                                                                    MD5:BCEBCF42735C6849BDECBB77451021DD
                                                                                                                                                                                                    SHA1:4884FD9AF6890647B7AF1AEFA57F38CCA49AD899
                                                                                                                                                                                                    SHA-256:9959B510B15D18937848AD13007E30459D2E993C67E564BADBFC18F935695C85
                                                                                                                                                                                                    SHA-512:F951B511FFB1A6B94B1BCAE9DF26B41B2FF829560583D7C83E70279D1B5304BDE299B3679D863CAD6BB79D0BEDA524FC195B7F054ECF11D2090037526B451B78
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtmultimedia_es.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):17046
                                                                                                                                                                                                    Entropy (8bit):4.488067064247524
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:qTAb/kqIRnp2Psn41kjT22m8T+dEw0Zpe4Q6fn87wZ9OdDq3D:MAb/kqIFUPsnKWhwcpeuf89da
                                                                                                                                                                                                    MD5:F2E05CF385B73830C66997878BBE96C1
                                                                                                                                                                                                    SHA1:1E5D672AB83BFB84ADE3C808F9A792F74FD1394B
                                                                                                                                                                                                    SHA-256:0866911BFD4C6E78D3517EA298DE653CAEF0B7248AEFACDBA5236E7565A9B2A5
                                                                                                                                                                                                    SHA-512:4C84CED507C284D7D50107F4086F30267F9057880F34320F54289F4E37761A4B7ABFA12A0BD6AD64E13ED0A7640E0B97555BE9B1D7B44B3C606CB0F581BBCA5A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......es_ESB.....MJ....).OY......X.A..8@..............G.Q.......R.......W.>......D..........9...}q.......1..7..C|......OY...1...]>..)...]>...4......&.......Z.Qz....;...t..:.............$...|...2D.W....,..[C....).p....:5..#...7...[E..........P...n...C......5......"........u..0$......zn......*...'M.:....02.C......w\^..'......1.......=...TD..$Y..T...#.......+....N...g..K......q3... .......2....U..*!......)............T..#m.......H..b........1...!...1..!{.6....................0.......-...........V......W....Z.c.....w.l.E...F.l.E.....l.E..#..l.E..>....~.......~......6...;......./....a..8....S..... ^>.........5/......3.......w............ f.....<.........#......K.s...[..s...*....N..........<A..n..._....;/..Z....W..........\T.....X5A.....q.C.....x.........~...d...^...%...N......L....:..M...6c.....%H.......j.w. ..({.};...+...o....~......4...........J............W.....%...?....).....-~.|....=b..Q5..&...KT..".i..>.....J.f.o.r.m.a.t.o. .d.e. .a.r.c.h.i.v.o. .

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtmultimedia_fi.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):13883
                                                                                                                                                                                                    Entropy (8bit):4.587256778643159
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:5xqudvG/srvG1YOIDcz0dIwMrOH5exEeTD5+oDwYKtToV8qxh+upeSIraT0wYnf6:/qudvG/srvAYO04xtTlrzKWeGgD6
                                                                                                                                                                                                    MD5:F9B40CF075E511A54ACF25CD301B2A05
                                                                                                                                                                                                    SHA1:C84D587DAC38A7E1747E420854978D1FC27A925E
                                                                                                                                                                                                    SHA-256:628BE72C1DC70652AB302E2F8CCB9F3C328E7FDDDF7D8D1C5CE21056A9BA84F2
                                                                                                                                                                                                    SHA-512:6D6C968D5A0F7FA46867A182261509C145522F8EC059AA4C42F28C4B38EF40A32CF2913F03BC800845B14BBE76AC6ED7F96E97C7BC4122C2B6D293D1E102D2BD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......fiB... .X.A..,.......f.........Q.......Q.....V.R.....^.W.>...F.....-....1..,..C|......OY...&..c....0?..]>.. ...]>..$m.......L..............u...........t............................|...'n.W...."..[C......p.....W..#...+w...........n...W..............*m.................zn......*....o......t.:....%..C......w\^.........'.......2...TD......T....;......!....N...O.q3....t..............(....U.. ....T..............b........1...........6......&E......#_.........c.......l.E.....l.E.....l.E..2...6.../.......%(..{4.......a..-.. ^>...'.....).......(.......L............1..#......K.s......s...!>......0...n......../M..Z..............=.....t.X5A.....q.C.....x.........^...{...N...+..L....|..M...*...............,.w. ...U.};..."?......)t..........J..............?....w.....#..|....1...Q5......KT....i..2.....>.R.A.W.-.t.i.e.d.o.s.t.o.m.u.o.t.o. .(.t.u.n.n.u.k.s.e.t.o.n.)..........RAW (headerless) file format.....AudioContainerControl.....".W.A.V.-.t.i.e.d.o.s.t.o.m.u.o

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtmultimedia_fr.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):16502
                                                                                                                                                                                                    Entropy (8bit):4.523787100967048
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:0zjDNrhYqqg7mPOnkq4wKAAEF8XDj7Ps7I1HzGetICvxbTV60PZtR2TeZm6Pynsm:07Nrhp3kCvsPs7am0bRPpEOOzB
                                                                                                                                                                                                    MD5:DF28B5BCDEDC3FDEAD3749E6A0861F81
                                                                                                                                                                                                    SHA1:7F64D46BD5D6BF7254242CF0DBDE179954123719
                                                                                                                                                                                                    SHA-256:622FB2AB66D224C946BBBE8B4B06CCB45EA4B1368BA0E822A07BAD4B7C4BBD36
                                                                                                                                                                                                    SHA-512:97D9053A6A236CA72D042597B4A150D703082810C1DE3542491938C93BFA871D2998A34C53F597913C80D5D02E0D7EF0E0CEB8D0609BB71B478E7E25A3317163
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......fr_FRB.....MJ....1.OY....'.X.A..6...............w.Q.....h.R.......W.>...0..D..........8...}q.......1..6T.C|......OY...0S..]>..(a..]>..-P......%d........Qz....E...t..:.............$...|...1..W....+..[C....c.p....8...#...5...[E...\..........n..........4...........0$......zn......*...&..:..../..C....#.w\^..'......0.......<'..TD..#...T...##......*S...N......K...........1....U..)e......)............T.."...........b........1.......1..!..6............. ....../.......,:.......'..V......W....\.c.......l.E...t.l.E...F.l.E.."U...~.......~......6...9............a..7|...S..... ^>...Q.....3.......2q......1............ ......;"........#......K.s......s...)....N...<......:>..n........9n..Z...............\T..-..X5A.....q.C...R.x.........~...b...^.......N.../..L.......M...5......$..........w. ..'..};...*...o...........3R.......-..J............W.....$...?..........,..|....;...Q5..%...KT..!.i..<.....H.F.o.r.m.a.t. .d.e. .f.i.c.h.i.e.r. .R.A.W. .(.s.a.n.s. .e.n.-.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtmultimedia_hu.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):16463
                                                                                                                                                                                                    Entropy (8bit):4.657374409195896
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:RtGHxItMx2ssKAo0MZZPPXlDtAxb+tceVYwG9s4VbnzKMy9J:RtGHxItMx2ssKAo0MZZPPXlhkb+tceV3
                                                                                                                                                                                                    MD5:286A43C2C0699E792A63123EE3D11D89
                                                                                                                                                                                                    SHA1:2611BA80FBEF67CBE0C61CA981D5B37FD2841AEC
                                                                                                                                                                                                    SHA-256:589D857B96CB1C8E6DCB018C8CDAF71BF06D31AA1271867F8572183C9394F8D7
                                                                                                                                                                                                    SHA-512:92A7865CD3FF0CF2277100368193ABBF5557B4CF4323EF60DB998B1DA2317B9663E5199ADD6F6CA2F873942B5BAA40588253DE7F1335F0526380A00C63F4DA5F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......hu_HUB.....MJ......OY......X.A..6D......Z.........Q.......R.......W.>......D....G.....7...}q...<...1..5..C|....N.OY.../...]>..'...]>..,.......$.......p.Qz........t..9.............#I..|...0f.W....+..[C....K.p....8W..#...4...[E..........p...n..........3......!@.......U..0$...Q..zn......*...%..:.....v.C....u.w\^..&>.....0.......;...TD.."...T..."u......)....N......K....J.q3...........1....U..(.......(V.......y...T..!........b..b........1.......1.. /.6..................../3......+........Y..V......W......c.....k.l.E...x.l.E...,.l.E..!..l.E..<K...~.......~......6...9............a..6....S..._. ^>.........39......1.....................*.....:.........#....?.K.s......s...)3...N...L......:K..n...5....9_..Z....1.......P..\T..-..X5A.....q.C.....x.........~...L...^...1...N......L.......M...4I.....#..........w. ..&..};...*V..o...........2........e..J............#.....$)..?..........+..|....;P..Q5..%...KT.. .i..<.....B.R.A.W. .(.f.e.j.l...c. .n...l.k...l.i.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtmultimedia_it.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):17194
                                                                                                                                                                                                    Entropy (8bit):4.475777186094896
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:UC3TmO4QKfnqfbFgmLf6i5zmQjEPsT2i31ZG+f4YdzPXegWZQ3lQPmNEx4EzO31c:Uyrx0CaPsqkhjEeDUSBNs3h
                                                                                                                                                                                                    MD5:74E75500E4026F2DB8FF298B548E928A
                                                                                                                                                                                                    SHA1:085B10C64A4CF22444174805BCB6BA0AB5CCFC57
                                                                                                                                                                                                    SHA-256:ACA8D4DD145E671D827E582496F20281DC559AC91E7E13F88CF508BC2D6301ED
                                                                                                                                                                                                    SHA-512:6C20E99834D3033FC85FF23A9EFDD3D2DB4A40CDF24D69C04CA2470EEC4FF38469CDBE89DD62C4C620E9E3456D123F205A8A958E4FC717018BA832E9764BB2EF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......it_ITB.....MJ....'.OY....U.X.A..8...... ........).Q.......R.......W.>...@..D..........:X..}q.......1..8T.C|......OY...2Q..]>..*3..]>../^......'0........Qz....I...t..;.............%...|...3$.W....-..[C......p....;...#...7...[E...j..........n..........6......#...........0$......zn...T..*...(c.:....1..C......w\^..(......2.......>o..TD..%e..T...$.......,=...N......K......q3...!.......3....U..+I......*............T..$w..........b....#...1.......1.."s.6.............P......1........,..........V......W....R.c.......l.E.....l.E.....l.E..$#.l.E..?....~.......~......6...<v......0....a..9....S..... ^>.........5.......4.......E............!d.....=n........#....O.K.s...Y..s...+....N...Z......<...n........;...Z...............\T..0..X5A.....q.C.....x.....5...~...R...^.......N...y..L.......M...7......&V.......>.w. ..)..};...,...o...........5Z..........J............U.....&...?.............|....=...Q5..'...KT..#.i..?g....J.F.o.r.m.a.t.o. .f.i.l.e. .R.A.W. .(.s.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtmultimedia_ja.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):14337
                                                                                                                                                                                                    Entropy (8bit):5.741374393238018
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:zn1pQ8PxuF2WQMeOSJASTswQZs7WWdiTA6V8x:c8PxuF2WQMeOSJASTxQZs7WbTAWs
                                                                                                                                                                                                    MD5:27259833BCDE1CA4438A41863C9345DA
                                                                                                                                                                                                    SHA1:ECD2404A31215E2D814125D3DBD5ADC7C6D45083
                                                                                                                                                                                                    SHA-256:F9A888586C42C22894CCB4180257C2DE70299FF5D540087BC334DA74A8DD5969
                                                                                                                                                                                                    SHA-512:EA82A4CEB38CD6B134AB37A6257D88D6019D25B82D6B6E855A4ABA19A2403D18CBE9AA463CFB857EE221CA787EF47080336D9A1459F23F3582E5BD726A4BF84F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......jaB.....MJ.... .OY......X.A....................Q.....q.R.......W.>...q..D....h...../...}q.......1..-..C|......OY...)D.l........]>..#4..]>..'....... .........M.......Qz........t..1......{..........|...)..W....%..[C......d.....9.p....0r..#...-J..[E..............n.......1..........,F..........0$......zn......*...!..:....(W.C......w\^.."+.....).......3:..TD...h..T...........$....N......K...........*V...U..#.......#........v...T...........S..v....7..b........1... ...1.......1...}.6.....[.H.C..................(.......&1..........V....c.W....W.c.......l.E.....l.E.....l.E.....l.E...\.l.E..3....~.......~...........~..6...1.......'....a../....S..... ^>.....5.t.........+.......*..............F......=......%.....2}........#....h.K.s......s...$`...N...!......2...n......w...}....1f..................Z...............\T..'..X5A.....q.C...a.x.........~.......^.......N......L....%..M...,...... /.......S.w. .."..};...%C..o....w......+i.......L..J................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtmultimedia_ko.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):11006
                                                                                                                                                                                                    Entropy (8bit):5.779927341401355
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:rtqk8es6911OXRidgBnSQyHu5SW18acLhn:ps69rOHnzSW+acLB
                                                                                                                                                                                                    MD5:0161C0622AE59F0331FDE6C2D901327B
                                                                                                                                                                                                    SHA1:BC497F30FA42A5F73D2B4917FC2C12496EAFEE78
                                                                                                                                                                                                    SHA-256:F512A5E985535D0309F737E6156F5959AE9B6405E65FF76ABAE5A139332F2C7A
                                                                                                                                                                                                    SHA-512:903135B6C0D329F92B3617725749C64D1B24A28673BE325C471221C36378B01752AB57FB308CC6A69CA8D832C9BA1B472579320A55F48C3958093BE215B67107
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......koB.....X.A.."l.......q.Q.......Q.......R.....".W.>.........#....1..!..C|......OY......c....%...]>...o..]>...........&..............+.......k...t..$.........................|....2.W.......[C....[.p....$...#...!g.......(...n...C.......*...... .......P.......k..zn......*....+........:.......C....9.w\^...z.............'...TD......T....U...........N.....q3........................U.......T..........."..b...._...1...................5.................c.....=.l.E...\.l.E.....l.E..'...6...%X.......X..{4...m...a..".. ^>...U..... ........-...................&T.#......K.s...;..s....R......%...n........$...Z............P.=.......X5A.....q.C.....x.........^.......N...g..L....z..M... .......t.........w. .....};....'..................J....f.........?...........Y.|....&...Q5......KT....i..'..... .R.A.W.(..T. ....). ...|. ..............RAW (headerless) file format.....AudioContainerControl.......W.A.V. ...|. ..............WAV file format.....AudioContainerContro

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtmultimedia_pl.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):12237
                                                                                                                                                                                                    Entropy (8bit):4.698903308278698
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:ej9dNDgWPsRh14pT260/C5nwL8CCQhoTBsyX2+N8dfu3:e5fDgWPsRXGq6sC5wYCCQ3z+Gf8
                                                                                                                                                                                                    MD5:2F3EA58057D8F5EE06B505B41079C981
                                                                                                                                                                                                    SHA1:13D38D2B95CC473A5C5CD1D6A3BD9FF69B5351B3
                                                                                                                                                                                                    SHA-256:3C4CB711F6A59E5B19E4ADC0D0A6BE63C0BB55F15626AD640DB1BFD1D1363664
                                                                                                                                                                                                    SHA-512:B8D5BE73F0291B4A63603541A0174C9E59E9C3C7A5560471B28FEC08B65D1ADFFBE4D52516D3A611E4B81941199103A4367B7A936198F12F2AEDC4245C810A08
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......pl_PLB.....X.A..&I......6.........Q.......R.....6.W.>.........'....1..%..C|....J.OY......c....*0..]>...W..]>...........f..........t..(.................|... {.W.....Y.[C......p....(J..#...%.......#..................zn......*......C....c.w\^......... ......,...TD......T....7...........N.....q3....L......!....U.......T..............b........1...........H.......<...............[.c.......l.E.....l.E..._.l.E..,...6...)............a..&.. ^>.........#^......!.......T............+-.#....i.K.s......s...........*...n..._....)N.X5A.....q.C.....x.........^......L....X..M...$`................w. .....};..........."...........J..............?....]......=.|....+...Q5......KT...ti..,.....@.F.o.r.m.a.t. .p.l.i.k.u. .R.A.W. .(.b.r.a.k. .n.a.g.B...w.k.a.)..........RAW (headerless) file format.....AudioContainerControl..... .F.o.r.m.a.t. .p.l.i.k.u. .W.A.V..........WAV file format.....AudioContainerControl.....8.D.a.n.e. .d.z.w.i...k.o.w.e. .w. .p.o.s.t.a.c.i. .P.C.M

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtmultimedia_ru.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):14109
                                                                                                                                                                                                    Entropy (8bit):5.264248799271436
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:QKqItPsF4e6V1gHrptgfwwstDEp6SdZ9ZAUfiYNFzF0XJyo9Ea56V8C7Q7+ESqbj:QKZPsKZgt8dwYWXfEatierSqzb
                                                                                                                                                                                                    MD5:1841A70C30F9A2F3AA3F5BAEFF9208EE
                                                                                                                                                                                                    SHA1:3C9594CF1F3E2E64A74C32094F3B9A032C7E7FB1
                                                                                                                                                                                                    SHA-256:32C1118415F25A378D356CF01652393C8F9063145BC8F8A93C4F992166FA9D4D
                                                                                                                                                                                                    SHA-512:1C6A6A2775109FA28717913E35370CDCA5BD60C229CFD5BD63066044964EB165D65634B32E5BC6BBC4D6CBFACDB9C35B5192295CFDB85A88A9FC0A6E71704CD2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......ru_RUB.....X.A..-..........Q.......Q.......R.......W.>..........b...1..,|.C|....>.OY...&..c....1...]>......]>..$M......................#...........t../.........................|...'N.W...."..[C......p..../...#...+............n..................*...............{..zn......*...........@.:....%n.C......w\^...b.....&.......2...TD...;..T...........!P...N.....q3............<......'....U.. P...T...i..........b........1..._.......6......&.......#........g.c.......l.E.....l.E.....l.E..3w..6...0.......$...{4.......a..-.. ^>.........*.......(.......J......j.....1..#....O.K.s......s... .......1[..n...U....0...Z....C.......P.=.......X5A.....q.C.....x.........^...e...N......L....:..M...+=................w. .....};...!.......)p.......k..J...........s..?....5.....#..|....2`..Q5...A..KT....i..3.....@.$.>.@.<.0.B. .D.0.9.;.0. .R.A.W. .(.1.5.7. .7.0.3.>.;.>.2.:.0.)..........RAW (headerless) file format.....AudioContainerControl..... .$.>.@.<.0.B. .D.0.9.;.0. .W.A.V.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtmultimedia_sk.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9896
                                                                                                                                                                                                    Entropy (8bit):4.651417016192566
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:ymzlPsi1CPNRUNEjHE4YdKNoKBrbd8vFPe:1Psc6gEjHE4YdaNBH2vFPe
                                                                                                                                                                                                    MD5:D9B73E1E553693BBE20729B972166E70
                                                                                                                                                                                                    SHA1:6FBE8ACAF2671791C9043508D4FC6D8E5B804C7B
                                                                                                                                                                                                    SHA-256:82F544F31FFB0CE80340F445AD2C8E2BA57969413EF9B5D10FE4322BB96A6851
                                                                                                                                                                                                    SHA-512:BA376AE10C71C9770D60B6E3D177F5FE26C7A496B53E4F50686B6B538B71CB7D397B01012C334C26C85B2A62B436E7600B4CE847AF7D93F1514101DD9EF6175C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......sk_SKB...8.X.A.. q.].....N.....!....1.....OY.......]>...3..]>.....................+........t.."Z...A.......=......|....>..|......W........#....<..'............0..........*....5..*....=.:.......QM^.....w\^..........#.......'.......~...U...-.......i...............................Q.......0.........l.E...n..6...#?..........&A......b...D...a..!.. ^>......tQ.................. .........'....Z.#....h..s...........#...a...h.........nE........"..N.....$..Z....}..\T......y.......L....y..M..............w. .....};...............J....Y..?....y......4.nP9......Q5......G.....i..$A....".R.A.W. .f.o.r.m...t. .s...b.o.r.u..........RAW file format.....AudioCaptureSession.....".W.A.V. .f.o.r.m...t. .s...b.o.r.u..........WAV file format.....AudioCaptureSession.......P.C.M. .a.u.d.i.o. .d...t.a..........PCM audio data.....AudioEncoderControl.....0.K.a.m.e.r.a. .n.i.e. .j.e. .p.r.i.p.r.a.v.e.n............Camera not ready.....CameraBinImageCapture.......J.P.E.G. .o.b.r...z.o.k.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtmultimedia_tr.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):13295
                                                                                                                                                                                                    Entropy (8bit):4.762391970296969
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:05P7BsqxeP7OZaiOkP+HxW6gt5wQha7JVjSprkcJmcM8:AP7BsqxK7OZ9ORHQdt5XhAJVjSprtJmY
                                                                                                                                                                                                    MD5:E7E3EA251F76ED3C680CE40CB2C62250
                                                                                                                                                                                                    SHA1:92625294D74741F479D28C2C3110DCF0C815DB2F
                                                                                                                                                                                                    SHA-256:1C79A82DCD0314EBEC350293FFFE9E2CD35CCC6BD63C449C178D42EF1DA375CF
                                                                                                                                                                                                    SHA-512:F7997F9424C65CC9F880D211919E06157073B9083BA54435BF7BAF2AD806104DEA4E985EB055998DFECD73D00613E42F1C62C799AA4BA505A0BDDF36C3AC8594
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......tr_TRB.....X.A..**.......C.Q.....f.Q.......R.....0.W.>...n.....+....1..)..C|......OY...$..c........]>......]>..!...................................t..,..............h..........|...$..W.... s.[C......p....,1..#...(............n...........|......'..................zn......*....%........:....#..C......w\^.........$g....../...TD...C..T............8...N.....q3....8..............%Y...U...X...T...c..........b........1...........B......#....... ..........c.......l.E.....l.E.....l.E..0g..6...-......."...{4.......a..*.. ^>.........'A......&.......F............/..#......K.s...Q..s............m..n...C....-7..Z....!.........=.......X5A.....q.C.....x.........^...g...N......L....|..M...(;......&.......r.w. ...#.};...........&........-..J....~.........?..........!I.|..../l..Q5...m..KT...@i..0.....8.R.A.W. .(.b.a._.l.1.k.s.1.z.). .d.o.s.y.a. .b.i...i.m.i..........RAW (headerless) file format.....AudioContainerControl..... .W.A.V. .d.o.s.y.a. .b.i...i.m.i.........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtmultimedia_uk.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):15781
                                                                                                                                                                                                    Entropy (8bit):5.306567482773278
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:1RamDXePsF0HwX1Rsd6ml+0HHCiwMmcrSWo2:XamDXePsF0HwXfsYm+0HHCiwM5SWo2
                                                                                                                                                                                                    MD5:1E8E91CAD32A6610D54E838C803E93C7
                                                                                                                                                                                                    SHA1:073965FDDD20601A8348B548DDB174B832D735B1
                                                                                                                                                                                                    SHA-256:EBF67318490F70C765B50B6CC4EB3CD4C0EAB9FF10A19BC44A0489B24CECD834
                                                                                                                                                                                                    SHA-512:29C1F790613F0B2D41685F0F6A6B910F66BD61C035F8A5B3CF4B18A7C92E4D221B1DC6C27DE67803E8FE654DE3B3BCEB2746F5B510D9CB79AC1BC943D1D73B38
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......uk_UAB.....MJ......OY......X.A..3.......j.........Q.....8.R.....p.W.>......D....C.....5 ..}q...4...1..3|.C|....V.OY...-...]>..&3..]>..*.......#t......v.Qz........t..6<............"-..|......W....)`.[C....;.p....5...#...2...[E..........v...n..........1...... ...........0$...S..zn...&..*...$..:....,..C....u.w\^..%.......7......8...TD..!...T...!Y......(....N......K....8.q3....p....../+...U..'3......&........s...T.. ...........b....{...1.......1.....6....................-a......)........]..V......W......c.....'.l.E...l.l.E...$.l.E.. ..l.E..9....~.......~......6...7.......,6...a..4....S...c. ^>.........1E....../...........................8.........#....}.K.s......s...'....N...D......7w..n........6...Z....u.......t..\T..+..X5A.....q.C...~.x.....9...~...H...^.......N......L.......M...2i....."..........w. ..%..};...(...o...........0...........J..................#...?..........*F.|....8z..Q5..#...KT....i..9.....@.$.0.9.;. .D.>.@.<.0.B.C. .R.A.W. .(.1.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtmultimedia_zh_TW.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9951
                                                                                                                                                                                                    Entropy (8bit):5.774304533562878
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:2RHL3+0SNWeYxupp/mptZFp4tiUIHuewNSrNSh5NBBVJV69tDxTZBm59bN/5yQKq:IrkrYsEt14q8YrYLBbJVGDL4xK8NfYI
                                                                                                                                                                                                    MD5:0017FC26EB26E431C09349A310AD6208
                                                                                                                                                                                                    SHA1:C37FC24AED1827F81D2B2B8C673DC9BDD5CE7676
                                                                                                                                                                                                    SHA-256:981492BD3B7A83B280F7DE296BE80D55FC3150A45358F93745E4BE3DDEEC5CB7
                                                                                                                                                                                                    SHA-512:55896D19DA1CDDE36201D9B0EE268298CE63CB1F7145762E66E426EACCDAC5F8333FD617986697937EC5F000274BF2F066F38E3CEE879649D35E75CFCC92F034
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......zh_TWB... .X.A..........v.........Q.......Q.....>.R.......W.>..............1...T.C|......OY....y.c....!...]>......]>..........................O...........t.. .........................|......W.......[C....5.p.... K..#................n...7.......r..............<..........zn...z..*.............:.......C......w\^...&............."...TD......T..../...........N.....q3....................s...U...r...T..............b........1...................#.......9.......m.c.....9.l.E...D.l.E.....l.E..#U..6...!p.......b..{4.......a...<. ^>...s.................................."R.#......K.s......s...........!...n...{....!...Z..............=.......X5A.....q.C...F.x.........^...i...N......L....2..M....]......D.......p.w. .....};....y.......^..........J....b.........?.............|...."...Q5...[..KT....i..#.......R.A.W. .(q!j..-.). j.hHh<_...........RAW (headerless) file format.....AudioContainerControl.......W.A.V. j.hHh<_...........WAV file format.....AudioContainerC

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols2_ar.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):640
                                                                                                                                                                                                    Entropy (8bit):5.064844698059605
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:lKcoAaCnY6CIyLmGP+MIfB/yq+Y/WJMI9Lntig3Kc6uvRIBUt21lyy/u:lKcoA2LLmGP65Kq+YeTBnPKUvRIU2vVm
                                                                                                                                                                                                    MD5:1440AA7B6614116DB3D0B8ECBBEF4734
                                                                                                                                                                                                    SHA1:B26EC8C3694715DE9F09C39430DD9BE14FCBD23D
                                                                                                                                                                                                    SHA-256:C5CEEC934C9CCFE34F2DB92F9DDC37A2D3941D7EA3D7992422C341FD8ACF783D
                                                                                                                                                                                                    SHA-512:F7A09C0FF113FB95F9F0C9B9B55E6719E9CE01989E382614F8E74EE8759F3E61CCE0D3EF7AF6B6BF12A981B0A7510A41C92DDC66207F5471A7832E8FFBA9C851
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......arB... .Y.......A%......9.......l<n....i...+....L.D.'. .J.E.C.F. .%.F.4.'.!. .3.J.1.H.1.). .E.F. .S.t.a.n.d.a.r.d.B.u.t.t.o.n.........+Cannot create an instance of StandardButton.....QQuickPlatformDialog.....6.%.F.Q. .D.i.a.l.o.g. .5.F.A. .#.3.'.3.J.Q. .E.,.1.Q./......... Dialog is an abstract base class.....QQuickPlatformDialog.....,.%.F.Q. .M.a.t.e.r.i.a.l. .5.A.). .E.1.A.B.)......... Material is an attached property....#QtQuickControls2MaterialStylePlugin.......%.F.Q. .U.n.i.v.e.r.s.a.l. .5.A.). .E.1.A.B.).........!Universal is an attached property....$QtQuickControls2UniversalStylePlugin...............$...*.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols2_bg.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):707
                                                                                                                                                                                                    Entropy (8bit):5.046917980131797
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:ks7hEPIyYUamGP+MI61UzHWJMImbVchstig3lpyVchkIBUt21l1:kbYHmGP66uyTrsPLFkIU2v1
                                                                                                                                                                                                    MD5:69B7A99D8EDF9D37D7A06336F7E7AA35
                                                                                                                                                                                                    SHA1:45FD45D045964181745718628A73E0B0A17A9940
                                                                                                                                                                                                    SHA-256:E7F1855D2B969F6BD25FAE1161C148FDA7977D3863D466543EA70BB7159EA063
                                                                                                                                                                                                    SHA-512:05CCBE19D392756BB1AE2AA60B307EC7072490C3C55D5F8AB36C39B8497428A42EFE9395D807002FD121410E9A53D791238E7608339B2B48EEBC6AAFF9BDA8DB
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......bgB... .Y.......A%......9.....K.l<n....i...{....r.!.J.7.4.0.2.0.=.5.B.>. .=.0. .>.1.5.:.B. .>.B. .:.;.0.A.0. .S.t.a.n.d.a.r.d.B.u.t.t.o.n. .5. .=.5.2.J.7.<.>.6.=.>.........+Cannot create an instance of StandardButton.....QQuickPlatformDialog.....<.D.i.a.l.o.g. .5. .0.1.A.B.@.0.:.B.5.=. .1.0.7.>.2. .:.;.0.A......... Dialog is an abstract base class.....QQuickPlatformDialog.....> ..M.a.t.e.r.i.a.l .. .5. .?.@.8.:.0.G.5.=.>. .A.2.>.9.A.B.2.>......... Material is an attached property....#QtQuickControls2MaterialStylePlugin.....@ ..U.n.i.v.e.r.s.a.l .. .5. .?.@.8.:.0.G.5.=.>. .A.2.>.9.A.B.2.>.........!Universal is an attached property....$QtQuickControls2UniversalStylePlugin........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols2_ca.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):899
                                                                                                                                                                                                    Entropy (8bit):4.438469959975275
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:LNo5lmRwmGP6XAK/9mQvT0i/IoU9w/+POj/qIU2v1:LmCRnGCX9/EQvT04c9+MQP
                                                                                                                                                                                                    MD5:4859BBDD4DB35BB7887BEF441A671F60
                                                                                                                                                                                                    SHA1:65247A8ABF572B199131168D9143F0CCA70ED679
                                                                                                                                                                                                    SHA-256:AA2E815318F160EF24F942A67AC10F08EC3A4498582F9F42179F97CDC91B7DD3
                                                                                                                                                                                                    SHA-512:1E22FB92777ED7A8DB24D0B087F3F8A4C606698EE1FEE7F94CDC562A9CF55E698BF8AD9CDB942F2D0AE3796DD1F51D5E8D64B50CED87E7114104D325ACE08258
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......caB...(.Y.......A%............Y.9.......l<n....i...3....j.N.o. .s.'.h.a. .p.o.g.u.t. .c.r.e.a.r. .u.n.a. .i.n.s.t...n.c.i.a. .d.e. ...S.t.a.n.d.a.r.d.B.u.t.t.o.n...........+Cannot create an instance of StandardButton.....QQuickPlatformDialog.....R.E.l. .d.i...l.e.g. ...s. .u.n.a. .c.l.a.s.s.e. .d.e. .b.a.s.e. .a.b.s.t.r.a.c.t.a......... Dialog is an abstract base class.....QQuickPlatformDialog.....D...I.m.a.g.i.n.e... ...s. .u.n.a. .p.r.o.p.i.e.t.a.t. .a.d.j.u.n.t.a..........Imagine is an attached property...."QtQuickControls2ImagineStylePlugin.....F...M.a.t.e.r.i.a.l... ...s. .u.n.a. .p.r.o.p.i.e.t.a.t. .a.d.j.u.n.t.a......... Material is an attached property....#QtQuickControls2MaterialStylePlugin.....H...U.n.i.v.e.r.s.a.l... ...s. .u.n.a. .p.r.o.p.i.e.t.a.t. .a.d.j.u.n.t.a.........!Universal is an attached property....$QtQuickControls2UniversalStylePlugin........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols2_da.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):855
                                                                                                                                                                                                    Entropy (8bit):4.398252531163999
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:X/fgAqt6WLmGP62TZTksoUjoAlLyPheRuWAlLGIU2v1:XwFtL6GCgZTJjoAqhOAd
                                                                                                                                                                                                    MD5:3DEBE12BABA8DDB8C66337CBA56F2BFD
                                                                                                                                                                                                    SHA1:20E01040905D715E544BB809899125F072E2F107
                                                                                                                                                                                                    SHA-256:5383A65754524530DDFD461FAD7CF8A3F60A39C12B4A0A6D1F33DACC8E9240FB
                                                                                                                                                                                                    SHA-512:B458F41CFF78A507B1EED1E709462160C87FA491A1B34E736481D8DDD4E4955CBC67DEF2D786D336F7D01077F94E3107466B3E9B7F79B0DAE6D209231706A0B4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......daB...(.Y.....i.A%............9.9.......l<n....i........Z.K.a.n. .i.k.k.e. .o.p.r.e.t.t.e. .e.n. .i.n.s.t.a.n.s. .a.f. .S.t.a.n.d.a.r.d.B.u.t.t.o.n.........+Cannot create an instance of StandardButton.....QQuickPlatformDialog.....B.D.i.a.l.o.g. .e.r. .e.n. .a.b.s.t.r.a.k.t. .g.r.u.n.d.k.l.a.s.s.e......... Dialog is an abstract base class.....QQuickPlatformDialog.....@.I.m.a.g.i.n.e. .e.r. .e.n. .t.i.l.k.o.b.l.e.t. .e.g.e.n.s.k.a.b..........Imagine is an attached property...."QtQuickControls2ImagineStylePlugin.....B.M.a.t.e.r.i.a.l. .e.r. .e.n. .t.i.l.k.o.b.l.e.t. .e.g.e.n.s.k.a.b......... Material is an attached property....#QtQuickControls2MaterialStylePlugin.....D.U.n.i.v.e.r.s.a.l. .e.r. .e.n. .t.i.l.k.o.b.l.e.t. .e.g.e.n.s.k.a.b.........!Universal is an attached property....$QtQuickControls2UniversalStylePlugin........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols2_en.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):16
                                                                                                                                                                                                    Entropy (8bit):4.0
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:j2wZC4n:CwZ
                                                                                                                                                                                                    MD5:BCEBCF42735C6849BDECBB77451021DD
                                                                                                                                                                                                    SHA1:4884FD9AF6890647B7AF1AEFA57F38CCA49AD899
                                                                                                                                                                                                    SHA-256:9959B510B15D18937848AD13007E30459D2E993C67E564BADBFC18F935695C85
                                                                                                                                                                                                    SHA-512:F951B511FFB1A6B94B1BCAE9DF26B41B2FF829560583D7C83E70279D1B5304BDE299B3679D863CAD6BB79D0BEDA524FC195B7F054ECF11D2090037526B451B78
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols2_hu.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):350
                                                                                                                                                                                                    Entropy (8bit):4.492792182837576
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:CwZwl9pqyfDceCyUdnYtcIlRpkzGcpBWeYyUdnYt5I/o87Mq2Jt:1wl9pPDYvGvlRpkFpBWeYvG5I9Iq2v
                                                                                                                                                                                                    MD5:5BD0CEDEAA3E3382A00F1DEE10D422B3
                                                                                                                                                                                                    SHA1:CAAE15F8D807CEAE4B7E0F36990A02E9E7C7696A
                                                                                                                                                                                                    SHA-256:F9AA79A149A1E9E40853A50151AF1A50D7541B3EDBFD9FB645DC0EE0A90B7EA9
                                                                                                                                                                                                    SHA-512:4B680AC3E45A4315B2EA2038427387E5D93E330BABA14C7FFC24596FA7558959670ED4888A6930548E5AF760282422D10E01E6BF6F0BA6945E3E0B1DF122E29D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......hu_HUB.....Y.......9......i...*....@.A.z. .a.n.y.a.g. .e.g.y. .c.s.a.t.o.l.t. .t.u.l.a.j.d.o.n.s...g......... Material is an attached property.....QtLabsMaterialStylePlugin.....L.A.z. .u.n.i.v.e.r.z...l.i.s. .e.g.y. .c.s.a.t.o.l.t. .t.u.l.a.j.d.o.n.s...g.........!Universal is an attached property.....QtLabsUniversalStylePlugin.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols2_ko.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):690
                                                                                                                                                                                                    Entropy (8bit):5.273678493199002
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:+NSIy0iamGP+MIS/WJMIelIqpzXGEoUJNXFtig3B/hXbIBUt2v:B0xmGP6SeTelHzXJoUJNXFPB/hXbIU2v
                                                                                                                                                                                                    MD5:AE44D1F62EC84DC312C8BEDC0D7250D3
                                                                                                                                                                                                    SHA1:F2C18B164E4007D819791F15E64502C4751B795F
                                                                                                                                                                                                    SHA-256:4E477FAC4401B59D85867DF737E60F57FEFF0FCA913C3DEA1E51044FF89395F9
                                                                                                                                                                                                    SHA-512:90A711353FC29F05674D88E73A84ADC624FA0539591A5D1C2B90E6C2F0D67404D3AA0FFFF9FD56FCE5E50482BAF3030BB2469E6DE322F28FC82B3D211A7BF4ED
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......koB...(.Y.......A%..............9.....q.l<n....i...i....:.S.t.a.n.d.a.r.d.B.u.t.t.o.n.X. .x..4..|. .... ... ...L.........+Cannot create an instance of StandardButton.....QQuickPlatformDialog.....$.D.i.a.l.o.g... .... .0... .t............. Dialog is an abstract base class.....QQuickPlatformDialog..... .I.m.a.g.i.n.e.@. ...... ...1...........Imagine is an attached property...."QtQuickControls2ImagineStylePlugin.....".M.a.t.e.r.i.a.l.@. ...... ...1.......... Material is an attached property....#QtQuickControls2MaterialStylePlugin.....$.U.n.i.v.e.r.s.a.l.@. ...... ...1..........!Universal is an attached property....$QtQuickControls2UniversalStylePlugin.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols2_tr.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):819
                                                                                                                                                                                                    Entropy (8bit):4.598550011080922
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:i82CIycXWmGP+MIcKOs/CJ/WWJMIcMTSEoUdylJAlyZtig3XWAly3IBUt2v:i82WoWmGP6GRTcwoUiAl0PXWAlsIU2v
                                                                                                                                                                                                    MD5:085DA3BBE39EC4D508B1B7080D7CF92B
                                                                                                                                                                                                    SHA1:FC09BB856F1B29C223C4224700D5AAE128592206
                                                                                                                                                                                                    SHA-256:32844E80FB14809C9B8C901886FB83EA56355E2F9470FA5616CB96F87133629F
                                                                                                                                                                                                    SHA-512:BF85B7E408C2AF4B49297376B016075DFD496EE30207D1A0C9B1DB998A389FB1B70875097C6A40A3DD7B1BA33D1FF98271F7DE7E41F6A2189BC8813D7694AF39
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......tr_TRB...(.Y.....S.A%............7.9.......l<n....i........J.S.t.a.n.d.a.r.d.B.u.t.t.o.n. ...r.n.e...i. .o.l.u._.t.u.r.u.l.a.m.1.y.o.r.........+Cannot create an instance of StandardButton.....QQuickPlatformDialog.....P.0.l.e.t.i._.i.m. .k.u.t.u.s.u. .s.o.y.u.t. .b.i.r. .t.e.m.e.l. .s.1.n.1.f.t.1.r......... Dialog is an abstract base class.....QQuickPlatformDialog.....6.I.m.a.g.i.n.e. .e.k.l.i. .b.i.r. ...z.e.l.l.i.k.t.i.r..........Imagine is an attached property...."QtQuickControls2ImagineStylePlugin.....8.M.a.t.e.r.i.a.l. .e.k.l.i. .b.i.r. ...z.e.l.l.i.k.t.i.r......... Material is an attached property....#QtQuickControls2MaterialStylePlugin.....:.U.n.i.v.e.r.s.a.l. .e.k.l.i. .b.i.r. ...z.e.l.l.i.k.t.i.r.........!Universal is an attached property....$QtQuickControls2UniversalStylePlugin.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols2_uk.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9439
                                                                                                                                                                                                    Entropy (8bit):5.311046235399906
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:h1lA4LYFL7DSLWg4/HaxleJWNugWGDsb5BG4sZ3z5H56kqhAWuADrTbnKKEX:htEF20HeUJmDw5BjMj1AHf4
                                                                                                                                                                                                    MD5:BCE65372BD80E39DE81C69CB32F2592C
                                                                                                                                                                                                    SHA1:57B064E83266F4337C6DAAC32CEB3052DC48D726
                                                                                                                                                                                                    SHA-256:A5274DD4C4EDFEC9991B44FB4958DA546744D7B2A32E4276B286BD9CD91F0CD9
                                                                                                                                                                                                    SHA-512:F9BA1FA927B562D155C7F06EE5CE226EC1C9C7CB87C8F986112B0747EAC29FCB535CA62E927EA06E616F94C425D955CCE462055C053C9FB3F1B2E8D504BD705A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......uk_UAB...................J..................[`.......|...0...]...d...].......].......]...b..+....".........Bb......JlT...O.X.......Y.......[.%.....\.......\.....y.\.....).\.....=.s.N..............N...z..N.....*`......~....G...D...!..........en.....K.N.....Y....l.t........>.......].......^............................k....f.......2.......w...................... ...!......R......o.....i.z.....S..........N..............fd~.......~......X....F..g......9.....:...... P.v.5...(..P....a.......t..............=.<.%.....A.$..!w.e.....,.g........T~..........l............ ...."..............2....\..!^.......N.........!=.%......%....l.%......=2....?.G.....z.x.........N..........).7c......n.....G..e............O.e........{.......Pn....i..!.....(...=.4.8.:.0.B.>.@. .7.0.9.=.O.B.>.A.B.V..........Busy Indicator.....BusyIndicatorSpecifics.........8.:.>.=.C.T.B.L.A.O..........Running.....BusyIndicatorSpecifics.....L.'.8. .V.=.4.8.:.0.B.>.@. .?.>.:.0.7.C.T. .7.0.9.=.O.B

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols2_zh_TW.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):647
                                                                                                                                                                                                    Entropy (8bit):5.2630314143437875
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:6qMlfIyYmGP+MI617kWJMIEStEoU5katig3TmuIBUt2v:1MdYmGP661rTMoU5kaPTmuIU2v
                                                                                                                                                                                                    MD5:F02E419522407C3D60FC51F458EA3053
                                                                                                                                                                                                    SHA1:D17C874CCB90F6C19E077257E1B9E367A4A5EC0F
                                                                                                                                                                                                    SHA-256:C6C8B3D2874D0ACFF369C286CFC4459064BF4B581CACDA6ECF70B44A849E3BE2
                                                                                                                                                                                                    SHA-512:8B6DF317C5D3AB6538E9B087CA9FB3D222403A51DC4CDA4D3C21D8FB157C948B9524A1C9B8183641FDC7E0C7A0058C9DEB48B3151A7E90CA4EBD360ED3FB0C8E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......zh_TWB...(.Y.......A%..............9.....O.l<n....i...;.....q!l.^.z.. .S.t.a.n.d.a.r.d.B.u.t.t.o.n. v.[.O..........+Cannot create an instance of StandardButton.....QQuickPlatformDialog......\..qhFp.b..aW.y..^R%......... Dialog is an abstract base class.....QQuickPlatformDialog.......I.m.a.g.i.n.e. p..DR.\l`'..........Imagine is an attached property...."QtQuickControls2ImagineStylePlugin.......M.a.t.e.r.i.a.l. p..DR.\l`'......... Material is an attached property....#QtQuickControls2MaterialStylePlugin.......U.n.i.v.e.r.s.a.l. p..DR.\l`'.........!Universal is an attached property....$QtQuickControls2UniversalStylePlugin.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols_bg.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):30
                                                                                                                                                                                                    Entropy (8bit):4.256564762130955
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:j2wZC4C/A/nt:Cwnt
                                                                                                                                                                                                    MD5:5EFC7712DF77A83ABFC8AD129364076C
                                                                                                                                                                                                    SHA1:1DD82E1B3C58E7352195094669711E8E6F0BEF1B
                                                                                                                                                                                                    SHA-256:13EBA6EEE539FA4570A878495EEF38D0A7DD66865A1ABA6DEDDF28D7238BB373
                                                                                                                                                                                                    SHA-512:3C7485957AC789137F6CAE0A1B4177BD600F24C399E93E1CF2A42965803A6BC1D549BDE5DA2F9DFD77E0FE16A14C89331A256B445AD0F37A9DAE6F7282109633
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......bg.......

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols_ca.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5113
                                                                                                                                                                                                    Entropy (8bit):4.633717200180304
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:AQlRm0fHGCnc8EeBlOIK2jI1whPe5QwNGcY3Zb+mngox9oWE8Y7YMlCvE9o7dnvO:/RvXEcUIzI1OG51NrixgoZg7YMSJG
                                                                                                                                                                                                    MD5:45E093DE3D685888F79ED1B2104B5F4B
                                                                                                                                                                                                    SHA1:91275A98D7B8C7B622021DA2A63128E20103FAD8
                                                                                                                                                                                                    SHA-256:BB5B0E11B4F425B08FA315F96EA0858E0CE9C71439E88639D22287593A9037F3
                                                                                                                                                                                                    SHA-512:8AE291380EBA7F73A1120B695DE5F6099C1FB6C4A0410FB57DAEE7D1AE8BFACCE63CF978028FC3AF24077C681A3B898A2EB1E58CE730074F8D558BA77B2124FC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......caB...(...;.......;...Q...;...!...O......O....s.._....r...$...............T.......0......f....,..f....Z...........................................e.....*.y.....+.....P.+......,.%.....,D......G.......H6......Hw9.....I'....Q.J+......J6....m.R.......S.......X.......X....T.Z.%...v..[......w.^...d.w.^..............[Y......I....4..I.......I.......I....,..f.......,....!..V....u.......z.;.......V.|......G%................... ...<.......|.....f2D......C........t...9..........t....................D.......[......].=........8....!.......^.......V..+%.....%.s....i..........A.l.f.a..........Alpha.....DefaultColorDialog.......C.a.n.c.e.l...l.a..........Cancel.....DefaultColorDialog.......T.o..........Hue.....DefaultColorDialog.......L.l.u.m.i.n.o.s.i.t.a.t..........Luminosity.....DefaultColorDialog.......D.'.a.c.o.r.d..........OK.....DefaultColorDialog.......S.a.t.u.r.a.c.i............Saturation.....DefaultColorDialog.....*.M.o.s.t.r.a. .e.l.s. .d.e.t.a.l.l.s................Sh

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols_da.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4917
                                                                                                                                                                                                    Entropy (8bit):4.695512689471908
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:X60le+uGiuHrLlOvb/gwHVSoyEH9hGcXablkdiemLfv2M/UdbKgMr3fDb8R0v5h9:XZuILLUv0wHcVKPrBdWUSbfDL9Xm4
                                                                                                                                                                                                    MD5:A8C5FF15237F6E08132E28F62ECF2E2B
                                                                                                                                                                                                    SHA1:0FAF797AA72B4381FD07CBC30D1A4EDEE7BBD0CB
                                                                                                                                                                                                    SHA-256:158E649F0509726821AA4575565BD98943C9EA9B5D39E3305E90F5607E2F43FC
                                                                                                                                                                                                    SHA-512:47FCC30AED9783A9C3010E4C350F33F8F2B8BBE1FAAF3387B27E6F9FFAD7BE9DF56BC9668E11463E05308272825A2DE641B2B953A90FFD7BBBFC78C39E8C7A23
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......daB...(...;.......;.......;.......O...L..O....q.._........$...d.......E...T.......0......f.......f............................................a...e.....*.y...C.+.......+......,.%.....,D......G.....b.H6......Hw9.....I'....1.J+......J6......R.....^.S.......X.....).X......Z.%......[....e.w.^...f.w.^...t.......x..[Y......I....4..I.......I.......I.......f.......,....u..V............&.;.......V.|......G%...m...................<...}...|.....f2D...Q..C....3...t..............t............I......................C.=........8............D..........+%...+.%.s....i..........A.l.f.a..........Alpha.....DefaultColorDialog.......A.n.n.u.l.l.e.r..........Cancel.....DefaultColorDialog.......F.a.r.v.e.t.o.n.e..........Hue.....DefaultColorDialog.......L.y.s.s.t.y.r.k.e..........Luminosity.....DefaultColorDialog.......O.K..........OK.....DefaultColorDialog.......F.a.r.v.e.m...t.n.i.n.g..........Saturation.....DefaultColorDialog.......V.i.s. .d.e.t.a.l.j.e.r................Show Details

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols_de.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5198
                                                                                                                                                                                                    Entropy (8bit):4.652984539313083
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:YFIXPWN2j819p4sskdbD1nOT7wVGcmb8ln/8lNPVKblmRxmjipVRC4QUieJUETgB:FPW2j8zbsGHtM8rHl/GpKjipmjeJ/c
                                                                                                                                                                                                    MD5:68F6BB7CD10DB04EE9ACA44D194B57CB
                                                                                                                                                                                                    SHA1:217859DB669E52BB2E5FC93B8EDE90A449BE0FBD
                                                                                                                                                                                                    SHA-256:50472C2E995F5F3CC238FF118EC7DED9E22087B5A35F78671A0CE0CA856D30E9
                                                                                                                                                                                                    SHA-512:594F5B92743CCEEB4AACC7F72C7E78E3B117CE3D9752BA067F3D47AF272BEFFEEE959F54F6E4C545F96B0F400F1630845F99FD932B56C1E3A142524E7958EAC9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......de_DEB...(...;.......;...[...;...W...O......O....u.._........$...........;...T.......0......f....Z..f............................#...................e...W.*.y.....+.....t.+......,.%.....,D....'.G.......H6......Hw9.....I'......J+......J6......R.......S.......X.......X....^.Z.%......[......w.^...b.w.^...0.......:..[Y.../..I....6..I.......I.......I....H..f.......,....{..V............|.;.......V.|...#..G%...................F...<.......|.....f2D......C........t...=..........t....................n..............g.=.....0..8....................|..+%.....%.s...Bi..........A.l.p.h.a..........Alpha.....DefaultColorDialog.......A.b.b.r.e.c.h.e.n..........Cancel.....DefaultColorDialog.......F.a.r.b.t.o.n..........Hue.....DefaultColorDialog.......H.e.l.l.i.g.k.e.i.t..........Luminosity.....DefaultColorDialog.......O.K..........OK.....DefaultColorDialog.......S...t.t.i.g.u.n.g..........Saturation.....DefaultColorDialog.....&.D.e.t.a.i.l.s. .a.n.z.e.i.g.e.n................Show

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols_en.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):16
                                                                                                                                                                                                    Entropy (8bit):4.0
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:j2wZC4n:CwZ
                                                                                                                                                                                                    MD5:BCEBCF42735C6849BDECBB77451021DD
                                                                                                                                                                                                    SHA1:4884FD9AF6890647B7AF1AEFA57F38CCA49AD899
                                                                                                                                                                                                    SHA-256:9959B510B15D18937848AD13007E30459D2E993C67E564BADBFC18F935695C85
                                                                                                                                                                                                    SHA-512:F951B511FFB1A6B94B1BCAE9DF26B41B2FF829560583D7C83E70279D1B5304BDE299B3679D863CAD6BB79D0BEDA524FC195B7F054ECF11D2090037526B451B78
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols_fi.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5077
                                                                                                                                                                                                    Entropy (8bit):4.665021224177485
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:5UqRTIjUcthczSVMcry1Q16qio0DiDG+P42ODMI17Dzw8QF/iLicazwoNYirH:5UqOU+czdcry1Q7i5OKoK7DzYRiLi7zb
                                                                                                                                                                                                    MD5:89CF0D9A8E421EAA82464D4836C46116
                                                                                                                                                                                                    SHA1:A77E3627951F4FA354155DE123DCD68A02982D14
                                                                                                                                                                                                    SHA-256:9C29068BD39BB97154D561ED4382B9AAB077735BB1A9154E62ACCACE3D60F015
                                                                                                                                                                                                    SHA-512:D2596DDF9F7F6A4247044EDA1DBB520B825DB1C9AC3ADBAE428E44468E12FCD96C047700E687DD112020762608A874ADB14172681D62ED7A8757EBC8315BE651
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......fiB...(...;.......;...5...;.......O......O....i.._....8...$...z...........T.......0......f.......f....2...............J...........................e.....*.y.....+.....&.+....i.,.%.....,D......G.......H6......Hw9.....I'....E.J+......J6....I.R.....|.S.......X.....g.X......Z.%...T..[......w.^...P.w.^..............[Y......I....4..I....}..I.......I.......f.......,.......V....S.......<.;.......V.|......G%.......................<.......|...n.f2D...u..C........t..............t....................(.......=......1.=........8............P.......@..+%...a.%.s....i..........A.l.f.a..........Alpha.....DefaultColorDialog.......P.e.r.u..........Cancel.....DefaultColorDialog.......S...v.y..........Hue.....DefaultColorDialog.......V.a.l.o.i.s.u.u.s..........Luminosity.....DefaultColorDialog.......O.K..........OK.....DefaultColorDialog.......K.y.l.l...i.s.y.y.s..........Saturation.....DefaultColorDialog.....*.N...y.t... .y.k.s.i.t.y.i.s.k.o.h.d.a.t &..........Show Details........De

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols_fr.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5532
                                                                                                                                                                                                    Entropy (8bit):4.6501341239636895
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:LzHsNne/rsMxL3+Gr5XwU8tWZOKY54tYJwlD/HZL2D:LzM0rDLLrpwUVMKPnPZc
                                                                                                                                                                                                    MD5:4B266D0C369409EB8CF44C3853B5487D
                                                                                                                                                                                                    SHA1:DD5A0F5E32237C85E303D528A2C484832D278D3E
                                                                                                                                                                                                    SHA-256:3757C038F447B475E19D22619B018EFB73D539870D075242983F4C3C66802509
                                                                                                                                                                                                    SHA-512:7E3C38B9FDEA9032EECA82F3D5662352FCF5F9CE95074210776F6A53705758EE7F6F29E50D9347520D219851EA82B7C84F68D77B384709FE3B07EE31AC8AA6C3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......fr_FRB...X...;.......;...7...;.......O......J.......O....q.._....|...$.......y...............T.......0......f....,..f....H...........................................e...).*.y.....+.....`.+......,.%.....,D......G.......H6......Hw9.....I'....[.J+......J6....E.R.......S.......V.....[.X.......X....B.Z.%...T..[......w.^...^.w.^...........*..[Y......I....6..I.......I.......I.......f.......,....9..,...."..V....e.......V.;.......V.|......G%......+........................<.......|.....f2D......C........t..............t....................F.......s..............M.=........8............b..........+%...c.%.s....i..........A.l.p.h.a..........Alpha.....DefaultColorDialog.......A.n.n.u.l.e.r..........Cancel.....DefaultColorDialog.......T.e.i.n.t.e..........Hue.....DefaultColorDialog.......L.u.m.i.n.o.s.i.t............Luminosity.....DefaultColorDialog.......O.k..........OK.....DefaultColorDialog.......S.a.t.u.r.a.t.i.o.n..........Saturation.....DefaultColorDialog.....(.A.f.f.i.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols_ja.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4356
                                                                                                                                                                                                    Entropy (8bit):5.309069061081823
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:zPcYEKsp/y+ZqGcHNVfyhcRmsY7bkdHRcsQxz:zPcYA/nArtdyOEsY7bkLQ9
                                                                                                                                                                                                    MD5:0A1831C8EE25BCA74A1241A8D75A5298
                                                                                                                                                                                                    SHA1:B70CA988960BD62C2D4F3669C371FE382B423D34
                                                                                                                                                                                                    SHA-256:23E5B44353FB87CD02CB52208814F5CEF3EFD8E5A53869FD1C780E10306F0576
                                                                                                                                                                                                    SHA-512:BA9C20F41248631E041D38DD7891B63E1D3D2A6563AD4C589C685DE1F7211F51E7520F08C283B6392D3AB53F830B850BF0B1464B3497608F3CBC1C61E4091800
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......jaB...(...;.......;.......;.......O...z..O....k.._........$...........!...T.......0......f....b..f....................................]...........e...9.*.y.....+.......+......,.%.....,D......G.......H6......Hw9.....I'....g.J+......J6....g.R.....:.S.......X.....G.X......Z.%......[....}.w.^...0.w.^...f.......N..[Y......I....4..I....'..I.......I.......f....]..,....W..V....G.........;.....i.V.|......G%...).......,.......X...<.......|.....f2D...a..C....+...t...........x..t....%................................=........8.......................+%.....%.s....i.........0.0.0.0...........Alpha.....DefaultColorDialog......0.0.0.0.0...........Cancel.....DefaultColorDialog.......rv...........Hue.....DefaultColorDialog......QI^...........Luminosity.....DefaultColorDialog.......O.K..........OK.....DefaultColorDialog......_i^...........Saturation.....DefaultColorDialog.......s}00..hy:................Show Details........DefaultDialogWrapper......0.0.0.0.e.fB..........Accessed....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols_ko.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4342
                                                                                                                                                                                                    Entropy (8bit):5.3651324907203515
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:OIz75mecEg3S9ovMoonrHGcmR3qvstBMUBAkQiAoEh+Wd9kh4:O275Zcn38o0oMbrmsvstB1BQiA55vC4
                                                                                                                                                                                                    MD5:A940D59CA6B068799F33148EA626618F
                                                                                                                                                                                                    SHA1:F13282AB88F77BA9BD20D8881459BA4CA75895B2
                                                                                                                                                                                                    SHA-256:8B111AC6FF6A437277F2E658FEFF96B3A2CBD112B5889702342C5318108528C9
                                                                                                                                                                                                    SHA-512:DA6255FB9469BA14A532224D091B3E027AF23E2A9C3942ACED57AC41C6D071D48E29BEFE2EF9C9C8590D12347C2C849E4AD1B4E66FECDFE979926B139DCAC223
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......koB...(...;.......;.......;.......O...b..O....c.._........$...............T.......0......f....`..f....................................S...........e...+.*.y.....+.....v.+......,.%.....,D....y.G.......H6......Hw9.....I'....Y.J+......J6....M.R.......S.......X.....1.X......Z.%......[....e.w.^...(.w.^...R.......>..[Y......I....2..I.......I.......I.......f....I..,....K..V..../.........;....._.V.|......G%...........&.......H...<.......|.....f2D...W..C........t...........r..t............................w........=........8....................x..+%.....%.s....i..........,..............Alpha.....DefaultColorDialog....................Cancel.....DefaultColorDialog....................Hue.....DefaultColorDialog....................Luminosity.....DefaultColorDialog.......U.x..........OK.....DefaultColorDialog.......D............Saturation.....DefaultColorDialog........8.. ...0................Show Details........DefaultDialogWrapper...........\. ..............Accessed.....Defau

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols_ru.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5085
                                                                                                                                                                                                    Entropy (8bit):5.238412383356313
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:UMNF/AKSYyH2LDLOAIy2dlGc+iO5cu27K6gObSFbyWnkz2VPVcutEDiR+wKg+UH:djL+BTrdh5gOb0fkiVKnbwAi
                                                                                                                                                                                                    MD5:EA8EFDED618C510FDD563F4A8B551BCB
                                                                                                                                                                                                    SHA1:A5D4F28F95FB8DD1A5374AC1968D4E99A0F11C50
                                                                                                                                                                                                    SHA-256:3744E3549588DCC8E760264E3A78B8139DA8DA37062601DAFB17FACDE117EA2A
                                                                                                                                                                                                    SHA-512:46A3D4280B2D94149AA6D4F3DAB4442910E219A8F292844376D980B95B6A23B075DD8BEF2250CD7656E4984C0F6B080E5F1C050D6360044FF46907EF1C527F59
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......ru_RUB...(...;.......;.......;.......O......O....o.._....2...$...X...........T.......0......f.......f....8...............B.......................{...e.....*.y.....+.....".+....].,.%.....,D......G.......H6......Hw9.....I'....!.J+......J6....;.R.....^.S.......X.....s.X......Z.%...<..[......w.^...\.w.^..............[Y......I....6..I.......I.......I.......f.......,.......V....K....... .;.......V.|......G%.......................<.......|...b.f2D...O..C........t..............t............w...............;......1.=........8............*.......2..+%...?.%.s....i............;.L.D.0..........Alpha.....DefaultColorDialog.........B.<.5.=.0..........Cancel.....DefaultColorDialog.........B.B.5.=.>.:..........Hue.....DefaultColorDialog......./.@.:.>.A.B.L..........Luminosity.....DefaultColorDialog.......O.K..........OK.....DefaultColorDialog.........0.A.K.I.5.=.=.>.A.B.L..........Saturation.....DefaultColorDialog.........>.:.0.7.0.B.L. .?.>.4.@.>.1.=.>.A.B.8................Sho

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols_tr.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4967
                                                                                                                                                                                                    Entropy (8bit):4.771284931361378
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:4LUBg4Ynkg4f13rcX8g4EygKaRKiORg4Sd7zcM7+4l:WUcnE13rcXrygK8p7zcm+a
                                                                                                                                                                                                    MD5:B7449CEC9D151BE6246E1E25C484ADF9
                                                                                                                                                                                                    SHA1:F5C5E0903159F10713A835B152231E5F92C73D0C
                                                                                                                                                                                                    SHA-256:C2BDFECF46BF829D2CA19D2458AF6E8EAB08AE4BF56EA3A4B49819EE776B2C43
                                                                                                                                                                                                    SHA-512:025C797A523D1290BE1DF507838B3AED65194239DBFA9F1F8558B805F149C3694C5B4DB1219641BFC25B13E8955EA44A1084CCC4C752964C08B2314135D99313
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......tr_TRB...(...;.......;.......;.......O...>..O....q.._........$...f...........T.......0...s..f.......f............................................M...e.....*.y...m.+.......+......,.%.....,D......G.....F.H6......Hw9...~.I'....1.J+....J.J6......R.....Z.S.......X.....#.X......Z.%......[...._.w.^...Z.w.^..............[Y......I....4..I.......I.......I.......f.......,.......V............$.;.......V.|......G%...k...................<...s...|...$.f2D...U..C....C...t..............t............/......................G.=........8............6..........+%...+.%.s....i..........A.l.f.a..........Alpha.....DefaultColorDialog.......0.p.t.a.l. .E.t..........Cancel.....DefaultColorDialog.......T.o.n..........Hue.....DefaultColorDialog.......P.a.r.l.a.k.l.1.k..........Luminosity.....DefaultColorDialog.......T.a.m.a.m..........OK.....DefaultColorDialog.......D.o.y.g.u.n.l.u.k..........Saturation.....DefaultColorDialog.....*.A.y.r.1.n.t.1.l.a.r.1. .G...s.t.e.r................Show Deta

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols_uk.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5091
                                                                                                                                                                                                    Entropy (8bit):5.223076055498268
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:6xSODo6SDvaO8b5l2QkGc1pzNOw76SOfWnXWTCz0xM62pM3rrbw:gSabi3rLNOw76hYmTC02f
                                                                                                                                                                                                    MD5:A44F737BC4420F4E5D7D29DE7A5C0344
                                                                                                                                                                                                    SHA1:3171D0B11E9095FC5CCF05FDCD16C5F3E1D36BD8
                                                                                                                                                                                                    SHA-256:002FCEC6278B42C20E5A58FD9E449CF197CF4DE1251737190F5E7D2BD4344D25
                                                                                                                                                                                                    SHA-512:6164D855EF9BB904BF4C13BECB2060CE798F5F76014337D5EFC72C8BA74B65A51A3B416566C4AA8142CA35B76EB0B3CFBE761FD86BE23CB9811C1DBF047BE293
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......uk_UAB...(...;.......;.......;.......O......O....u.._....4...$...z...........T.......0......f.......f....@...............R...........................e.....*.y.....+.....&.+....a.,.%.....,D......G.......H6......Hw9.....I'....C.J+......J6....M.R.....n.S.......X.....}.X......Z.%...J..[......w.^...f.w.^..............[Y......I....6..I.......I.......I.......f.......,.......V....W.......6.;.......V.|......G%.......................<.......|...f.f2D...s..C........t..............t....................2.......C......?.=........8............L.......8..+%...K.%.s....i............;.L.D.0..........Alpha.....DefaultColorDialog.......!.:.0.A.C.2.0.B.8..........Cancel.....DefaultColorDialog.........V.4.B.V.=.>.:..........Hue.....DefaultColorDialog.......!.2.V.B.=.V.A.B.L..........Luminosity.....DefaultColorDialog.......O.K..........OK.....DefaultColorDialog.........0.A.8.G.5.=.V.A.B.L..........Saturation.....DefaultColorDialog.....$...>.:.0.7.0.B.8. .4.5.B.0.;.V................Sho

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtquickcontrols_zh_TW.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4187
                                                                                                                                                                                                    Entropy (8bit):5.281974574358389
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:WBudgLB73v3RrACfQh14vk4GcUXYpwvDaDC0CeGydGfNf1rDRwL:XOLBVACfQkXrUopwvDteGW2xpDG
                                                                                                                                                                                                    MD5:7C08EF1EB08DD9A9BB371C9F08E368F8
                                                                                                                                                                                                    SHA1:BA2DC2D4C1F8FC67709ECC549587AB7E09CBD1FE
                                                                                                                                                                                                    SHA-256:BCABA0150BAB659308CBF03641C0F33EADB0277F8EFD9257DA6AC122454A8909
                                                                                                                                                                                                    SHA-512:8B962C4EF43F51128E87258785EDBD69AFA63557E13C2F6AEB9D1B0C11C06A23E5966C88AFF4A86DEFE6A76DDD4BCB5C609EEDADF936FFD167ABFEA4EE8F6EBA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......zh_TWB...(...;.......;...o...;...g...O......O....c.._........$...P.......}...T...M...0..._..f....,..f....................p...........................e.....*.y.....+.......+......,.%.....,D....a.G.....b.H6......Hw9.....I'....!.J+....R.J6......R.......S.......X.......X....>.Z.%...b..[......w.^...*.w.^..............[Y...{..I....2..I.......I....~..I.......f....1..,.......V..............;.......V.|...?..G%.......................<...-...|...J.f2D......C........t...-.......l..t............+........................=........8............Z.......&..+%.....%.s....i...........f.^...........Alpha.....DefaultColorDialog......S.m...........Cancel.....DefaultColorDialog.......r............Hue.....DefaultColorDialog......N.^...........Luminosity.....DefaultColorDialog......x.............OK.....DefaultColorDialog........T.^...........Saturation.....DefaultColorDialog.......oy:.s`. &..........Show Details........DefaultDialogWrapper......[XS.fB............Accessed.....DefaultFileD

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtserialport_de.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2487
                                                                                                                                                                                                    Entropy (8bit):4.27753479149241
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:3kYi+mXbyPn3d1C4QVrOZ3pOkkXa93Uso45PQkK+7Dc9+NDkzsfgN:rm8NLQK3fkK9kso4VDK6Dkekz7N
                                                                                                                                                                                                    MD5:5D3A2A6611C748317E9D86B576CD619F
                                                                                                                                                                                                    SHA1:9894F3D41CD8705B7AE6FA24F4142F85DF2488E2
                                                                                                                                                                                                    SHA-256:1D4D46A9CBF66D8313434CB6177D1E05CD93B61062307C704498DFD78AB6386C
                                                                                                                                                                                                    SHA-512:C17CF936C81E86434676A013D76627E58E9DFFE0636EEDD3D7614F297CBCE68EE4F63227AF6C63C273012D97C68946219249E8BB21D2B4ABCC68AAE629816E2D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......de_DEB......<....a.l.2.....G1^...........V.h~........^...Y.O.I..............!.......E...2...u... ........x.............w................i..........E.s. .k.a.n.n. .k.e.i.n.e. .b.e.n.u.t.z.e.r.d.e.f.i.n.i.e.r.t.e. .B.a.u.d.-.R.a.t.e. .f...r. .e.i.n.e. .R.i.c.h.t.u.n.g. .f.e.s.t.g.e.l.e.g.t. .w.e.r.d.e.n.........)Cannot set custom speed for one direction.....QSerialPort.......B.e.n.u.t.z.e.r.d.e.f.i.n.i.e.r.t.e. .B.a.u.d.-.R.a.t.e.n. .f...r. .e.i.n.z.e.l.n.e. .R.i.c.h.t.u.n.g.e.n. .w.e.r.d.e.n. .n.i.c.h.t. .u.n.t.e.r.s.t...t.z.t.........)Custom baud rate direction is unsupported.....QSerialPort.....l.B.e.n.u.t.z.e.r.d.e.f.i.n.i.e.r.t.e. .B.a.u.d.-.R.a.t.e.n. .w.e.r.d.e.n. .n.i.c.h.t. .u.n.t.e.r.s.t...t.z.t.........!Custom baud rate is not supported.....QSerialPort.....>.G.e.r...t. .w.u.r.d.e. .v.o.m. .S.y.s.t.e.m. .e.n.t.f.e.r.n.t........."Device disappeared from the system.....QSerialPort.....,.G.e.r...t. .b.e.r.e.i.t.s. .g.e...f.f.n.e.t..........Device is already

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtserialport_en.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):16
                                                                                                                                                                                                    Entropy (8bit):4.0
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:j2wZC4n:CwZ
                                                                                                                                                                                                    MD5:BCEBCF42735C6849BDECBB77451021DD
                                                                                                                                                                                                    SHA1:4884FD9AF6890647B7AF1AEFA57F38CCA49AD899
                                                                                                                                                                                                    SHA-256:9959B510B15D18937848AD13007E30459D2E993C67E564BADBFC18F935695C85
                                                                                                                                                                                                    SHA-512:F951B511FFB1A6B94B1BCAE9DF26B41B2FF829560583D7C83E70279D1B5304BDE299B3679D863CAD6BB79D0BEDA524FC195B7F054ECF11D2090037526B451B78
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtserialport_es.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2507
                                                                                                                                                                                                    Entropy (8bit):4.141026731537408
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:qn2tc7kIAhTN/sy27CDlLpr8fZ5NFn/rsIqDcj7OccC3:qM3C88fZr1o2j7Occq
                                                                                                                                                                                                    MD5:5B3E91AEDA2B933448464F6C2257024A
                                                                                                                                                                                                    SHA1:0F5230208C8B2E8CB3D478F9DFCEACD5319972BE
                                                                                                                                                                                                    SHA-256:460FC8A3BF5DB24CF570ED0CAF72C30D754A16859B3F80143ED6B9BB6A78370B
                                                                                                                                                                                                    SHA-512:E2AAE44D48A5648F8A9B41F92BCA78AC725E69076F642BF6DF064FE5C5EDAE3E5961BFC5D2F3F6BD24433DFEAA9992C949527CD21FF520D101417F47302750DD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......es_ESB......<......l.2.....G1^...........n.h~........^...[.O.I...........&..!.......E...<...u...`........x.............S................i... ......N.o. .s.e. .p.u.e.d.e. .e.s.t.a.b.l.e.c.e.r. .u.n.a. .v.e.l.o.c.i.d.a.d. .p.e.r.s.o.n.a.l.i.z.a.d.a. .p.a.r.a. .u.n.a. .d.i.r.e.c.c.i...n.........)Cannot set custom speed for one direction.....QSerialPort.......E.s.t.a.b.l.e.c.e.r. .u.n. .r.a.t.i.o. .d.e. .b.a.u.d.i.o.s. .p.a.r.a. .u.n.a. .s.o.l.a. .d.i.r.e.c.c.i...n. .n.o. .e.s.t... .s.o.p.o.r.t.a.d.o.........)Custom baud rate direction is unsupported.....QSerialPort.....f.E.l. .r.a.t.i.o. .d.e. .b.a.u.d.i.o.s. .p.e.r.s.o.n.a.l.i.z.a.d.o. .n.o. .e.s.t... .s.o.p.o.r.t.a.d.o.........!Custom baud rate is not supported.....QSerialPort.....T.E.l. .d.i.s.p.o.s.i.t.i.v.o. .h.a. .d.e.s.a.p.a.r.e.c.i.d.o. .d.e.l. .s.i.s.t.e.m.a........."Device disappeared from the system.....QSerialPort.....<.E.l. .d.i.s.p.o.s.i.t.i.v.o. .y.a. .e.s.t... .a.b.i.e.r.t.o..........Device is alread

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtserialport_ja.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1744
                                                                                                                                                                                                    Entropy (8bit):5.55561281968907
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:7yyIKGiKGzwIQTbR4J0Xq4yeOE81pgBbeUs6Q7PQkdDcSDCTGmg:VIdidzwNR6yp3dMSBJs6ODdDcSH
                                                                                                                                                                                                    MD5:149CBDCA3315BB180312FD06B215E29B
                                                                                                                                                                                                    SHA1:61ADCB5F1B4C9F18090A724680D10CCDAB8E1201
                                                                                                                                                                                                    SHA-256:9641CC7BC400A29EC3FC54F69C72AE25F190B199817DCD0B4F564FCF5B01D638
                                                                                                                                                                                                    SHA-512:0775D3FC99AB2343D699543B7AE0BAD6B358CB5693B4E0D40B42301B051473B3B5487118541BAD6F34F2A7B84FE9AB81E994ED6B4A570971B0B114BF4ABB8878
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......ja_JPB......<....a.l.2...h.G1^.............h~........^.....O.I...C..........!.......E.......u..........k.x.............i.......y........i...,....0N.e.T.0`0Q..^.0.0.0.0.0.0.0.0Y0.0S0h0o0g0M0~0[0..........)Cannot set custom speed for one direction.....QSerialPort.....6N.e.T.0`0Q0.0.0.0.0.0.0.0.0.0.0.0.0Y0.0S0h0o0g0M0~0[0..........)Custom baud rate direction is unsupported.....QSerialPort.....00.0.0.0.0.0n0.0.0.0.0.0.0o0.0.0.0.0U0.0f0D0~0[0..........!Custom baud rate is not supported.....QSerialPort....."0.0.0.0.0K0.0.0.0.0.0Lm.Y10W0~0W0_........."Device disappeared from the system.....QSerialPort......0.0.0.0.0oe.0k..0K0.0f0D0~0Y..........Device is already open.....QSerialPort......0.0.0.0.0L..0K0.0f0D0~0[0...........Device is not open.....QSerialPort..... 0.0.0.0.0K0...0...0.0~0[0.0g0W0_..........Error reading from device.....QSerialPort......0.0.0.0.0xf.0M..0.0~0[0.0g0W0_..........Error writing to device.....QSerialPort......q!R.0j0.0.0.0.0.0nP$0g0Y..........Inva

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtserialport_ko.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1627
                                                                                                                                                                                                    Entropy (8bit):5.657434741027078
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:8cxfV2frXvzfuThZwj47WqZp1lfeUsLPQkRFlNRe:8cxfV2frXLfudZw8qMTlftsTDR/a
                                                                                                                                                                                                    MD5:AC6E653EEB49365F0D971C661E34008C
                                                                                                                                                                                                    SHA1:E80E7A6C88E32A958E5F53942E26BDA905CB1145
                                                                                                                                                                                                    SHA-256:9C8447F8C0699B318F8AE26EF53500B5E80CE06B615E1AF1A9205BA16F7F6DA0
                                                                                                                                                                                                    SHA-512:C8A37926FCB1FB94FE8859802B4AD4DA18EBAB36DC76D270A30C3154E3D4E4B3C172BD074EF6EEA2A024300F086E40ECDD7CFFD028D553CD1088B66FF1639E79
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......koB......<....!.l.2...8.G1^...........j.h~........^.....O.I..............!.......E.......u..........G.x.....k.......Y................i........8.\. .. .)..<.\. ..... ...X. ....|. .$...`. ... ...L.........)Cannot set custom speed for one direction.....QSerialPort.....*..... ...X. ..... .)..D. .....X... .J.L.........)Custom baud rate direction is unsupported.....QSerialPort.....$..... ...X. ....|. .....X... .J.L.........!Custom baud rate is not supported.....QSerialPort........X... ....\..... .....(........."Device disappeared from the system.....QSerialPort........X... .t... ...8.L..........Device is already open.....QSerialPort........X... ....... .J.X.L..........Device is not open.....QSerialPort........X..... .}... ... .$.X. ..............Error reading from device.....QSerialPort........X... ... ... .$.X. ..............Error writing to device.....QSerialPort............ ..... ............Invalid baud rate value.....QSerialPort.......$.X. ...L

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtserialport_pl.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2002
                                                                                                                                                                                                    Entropy (8bit):4.456120803288729
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:kTyjgtbFLpS0E9Ms9l0hpGi13mOPMDt/HZ:kpbnf3mO6
                                                                                                                                                                                                    MD5:81B4056C1A7A148C4B4489BEAA35873F
                                                                                                                                                                                                    SHA1:038FC24EA0A8777A2762983A1EBA88588D9F3D48
                                                                                                                                                                                                    SHA-256:7D8200285797267BDEB2A630888100C35E0A06A6ACBD3C5254DCAB022765614F
                                                                                                                                                                                                    SHA-512:6AFCFEEE5419C45362939D8887C2685F7FF3236B3F04A67C2EAE662CE51160819C26270D32B46562349704AAFD6B8AC23CB764753F3B8C4DB922A177F99F3AFA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......pl_PLB...p..<......l.2.....G1^.....h~........^...6.O.I...........)..!.......E.......u...y........x.............N.......ri.../....r.N.i.e. .m.o.|.n.a. .u.s.t.a.w.i... .i.n.n.e.j. .p.r...d.k.o.[.c.i. .t.y.l.k.o. .w. .j.e.d.n.y.m. .k.i.e.r.u.n.k.u.........)Cannot set custom speed for one direction.....QSerialPort.....R.Z.m.i.a.n.a. .p.r...d.k.o.[.c.i. .b.o.d. .n.i.e. .j.e.s.t. .o.b.s.B.u.g.i.w.a.n.a.........!Custom baud rate is not supported.....QSerialPort.....:.U.r.z...d.z.e.n.i.e. .z.n.i.k.n...B.o. .z. .s.y.s.t.e.m.u........."Device disappeared from the system.....QSerialPort.....6.U.r.z...d.z.e.n.i.e. .j.e.s.t. .j.u.|. .o.t.w.a.r.t.e..........Device is already open.....QSerialPort.....6.U.r.z...d.z.e.n.i.e. .n.i.e. .j.e.s.t. .o.t.w.a.r.t.e..........Device is not open.....QSerialPort.....2.B.B...d. .o.d.c.z.y.t.u. .z. .u.r.z...d.z.e.n.i.a..........Error reading from device.....QSerialPort.....2.B.B...d. .z.a.p.i.s.u. .d.o. .u.r.z...d.z.e.n.i.a..........Error writ

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtserialport_ru.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2370
                                                                                                                                                                                                    Entropy (8bit):5.047593865082558
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:ql5A1HrEoOHx9JkzQDfS9L5EsRfDR20G3:qfAdrE9InL5zPRw
                                                                                                                                                                                                    MD5:B63CC167E464D1DC72FD9FE57973F063
                                                                                                                                                                                                    SHA1:BC6CE99F77DA9FB39030286E9B3C204312874184
                                                                                                                                                                                                    SHA-256:AA9069CA426240D035BA132F3F2B9CF2D55863466DFC745A1A156BDA1AF89565
                                                                                                                                                                                                    SHA-512:6E779EEFE0017C0D81F10EC37E16EBBE67908B264F1D1919F3EC6361202E9FC76E098F32C09E47AECB6C36C52867A317723F0281EE9726143B9514B1A1E63474
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......ru_RUB......<......l.2.....G1^.............h~........^.....O.I...e..........!.......E.......u..........W.x.............................1i............5.2.>.7.<.>.6.=.>. .C.A.B.0.=.>.2.8.B.L. .>.A.>.1.C.N. .A.:.>.@.>.A.B.L. .B.>.;.L.:.>. .2. .>.4.=.>.<. .=.0.?.@.0.2.;.5.=.8.8.........)Cannot set custom speed for one direction.....QSerialPort.....v...0.?.@.0.2.;.5.=.8.O. .?.5.@.5.4.0.G.8. .4.;.O. .>.A.>.1.K.E. .A.:.>.@.>.A.B.5.9. .=.5. .?.>.4.4.5.@.6.8.2.0.N.B.A.O.........)Custom baud rate direction is unsupported.....QSerialPort.....T...A.>.1.0.O. .A.:.>.@.>.A.B.L. .?.5.@.5.4.0.G.8. .=.5. .?.>.4.4.5.@.6.8.2.0.5.B.A.O.........!Custom baud rate is not supported.....QSerialPort.....:.#.A.B.@.>.9.A.B.2.>. .C.4.0.;.5.=.>. .8.7. .A.8.A.B.5.<.K........."Device disappeared from the system.....QSerialPort.....,.#.A.B.@.>.9.A.B.2.>. .C.6.5. .>.B.:.@.K.B.>..........Device is already open.....QSerialPort.....*.#.A.B.@.>.9.A.B.2.>. .=.5. .>.B.:.@.K.B.>..........Device is not op

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtserialport_uk.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2424
                                                                                                                                                                                                    Entropy (8bit):5.064131363064634
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:6d5MHAsFGmjR3pg/WrNKjMw2dGKuNs4dDQEKR+dCcVwn50J:S5MxHjRXUiyn5J
                                                                                                                                                                                                    MD5:BE67D46B673901941FB9DC71A484C793
                                                                                                                                                                                                    SHA1:42DA8F0CF8D317C9B5A80F5DCF71F6F0070EC476
                                                                                                                                                                                                    SHA-256:965A71EF9B7E976EDE3483471D0727CB9F76D5F280D2B6A7FB543EA3DADEC99A
                                                                                                                                                                                                    SHA-512:5CB1B4DDF2E626380BC6996E29D261FEE3D84CDABF37876D13ECE0F83C0FCDC79518D367479320120144987500220E192940AB50DCB6B2B29296AF38FD4A5BF5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......uk_UAB......<....5.l.2.....G1^.............h~........^.....O.I..............!.......E.......u..........W.x.....O.......+.............../i........|...5.<.>.6.;.8.2.>. .2.A.B.0.=.>.2.8.B.8. .2.;.0.A.=.C. .H.2.8.4.:.V.A.B.L. .;.8.H.5. .4.;.O. .>.4.=.>.3.>. .=.0.?.@.O.<.:.C.........)Cannot set custom speed for one direction.....QSerialPort.........;.0.A.=.0. .H.2.8.4.:.V.A.B.L. .?.5.@.5.4.0.2.0.=.=.O. .4.;.O. .>.4.=.>.3.>. .=.0.?.@.O.<.:.C. .=.5. .?.V.4.B.@.8.<.C.T.B.L.A.O.........)Custom baud rate direction is unsupported.....QSerialPort.....Z...;.0.A.=.0. .H.2.8.4.:.V.A.B.L. .?.5.@.5.4.0.2.0.=.=.O. .=.5. .?.V.4.B.@.8.<.C.T.B.L.A.O.........!Custom baud rate is not supported.....QSerialPort.....0...@.8.A.B.@.V.9. .7.=.8.:. .V.7. .A.8.A.B.5.<.8........."Device disappeared from the system.....QSerialPort.....*...@.8.A.B.@.V.9. .2.6.5. .2.V.4.:.@.8.B.>..........Device is already open.....QSerialPort.....(...@.8.A.B.@.V.9. .=.5. .2.V.4.:.@.8.B.>..........Device is not op

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtwebsockets_ca.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9664
                                                                                                                                                                                                    Entropy (8bit):4.410941854365823
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:MdUTDLaio/iIpJi8990CXbiYZB/E7l5moz0f:VaioV3i8990CXbiY0x5mow
                                                                                                                                                                                                    MD5:61A9C3C20D12647C70015C3DF7A81C36
                                                                                                                                                                                                    SHA1:822AE4F3613C6B914C12004E9C15CE1C3E307B7F
                                                                                                                                                                                                    SHA-256:BFC532A1E88E2064869EDDA4896DF24B744AD78E31F56006EAAA92CF82452AC0
                                                                                                                                                                                                    SHA-512:F6DD5AFD39A5F268ED9F33EA0761BE3F23CE2AD59EE1A27FEAD49BB21ACB0EC7369DF533BA005EEFADB21C76920A4E54D1B919D5036961B5B5A6C964071740B7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......caB..........#m...........N..... .......o...............R.Q......cn...!...N...a..-...........Y..\... q.`H......^.n..".......b..-....K.@.......T......Um......i........Z..."...........3......W.^.....f........C......Y/......8.......`n............'...n.......>...M.................0......)._...........N......!{.........1.....'.......S........s>..."..|........q........>...........6...~... .*.......x\....p..4....`i..$.....z.E.l.s. .m.i.s.s.a.t.g.e.s. .n.o.m...s. .e.s. .p.o.d.e.n. .e.n.v.i.a.r. .q.u.a.n. .e.l. .s...c.o.l. .e.s.t... .o.b.e.r.t...........2Messages can only be sent when the socket is open......QQmlWebSocket.....B.E.l. ...Q.Q.m.l.W.e.b.S.o.c.k.e.t... .n.o. .e.s.t... .l.l.e.s.t............QQmlWebSocket is not ready......QQmlWebSocket.....N.E.l. ...Q.Q.m.l.W.e.b.S.o.c.k.e.t.S.e.r.v.e.r... .n.o. .e.s.t... .l.l.e.s.t...........!QQmlWebSocketServer is not ready......QQmlWebSocketServer.......L.a. .c.l.a.u. .d.'.a.c.c.e.p.t.a.c.i... .r.e.b.u.d.a. .d.e.l. .s.e.r

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtwebsockets_de.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):10404
                                                                                                                                                                                                    Entropy (8bit):4.447381304896757
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:jbrtfjIQdT3L8xex2HjdeATI3jH510B0W1EjwsxiitsMvf:DhjndTb8xex2HjdxCH58+jwsxt
                                                                                                                                                                                                    MD5:C6F6F4A94C06E8D18C7D087749E6E3C5
                                                                                                                                                                                                    SHA1:95ED5C2F7E9A3182C986C7D8EB4DA5FE30DA61D5
                                                                                                                                                                                                    SHA-256:68757EAFC703F59C5C4C309E5408144DEBF302362E1F1628D5AAD610C7244A4C
                                                                                                                                                                                                    SHA-512:F1FD265D41F56FD32F90CDFCF463A347BEA0AB076E088EF998E99CC75EBCE3EC7BE01CC18C0BDAE53EA4E5B362D313C591410711F7D06641DAF574BCD05C52F8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......de_DEB.................&............N..... .......o...............R.Q...N..cn...]...N..!...-..............\..."..`H......^.n..%.......v..-....M.@.......T......Um......i........A~.. ...Z...%Q..........3... ..W.^.....f........C......Y/....)........8.......`n....h.......s...n.......>...Q.................0......)._...J......."......#..........1.......E....$......................#..s>...$..|........q........>..!n...........~...L.*.......x\.......4....Fi..&.......N.a.c.h.r.i.c.h.t.e.n. .k...n.n.e.n. .n.u.r. .v.e.r.s.a.n.d.t. .w.e.r.d.e.n.,. .w.e.n.n. .d.e.r. .S.o.c.k.e.t. .g.e...f.f.n.e.t. .i.s.t...........2Messages can only be sent when the socket is open......QQmlWebSocket.....6.Q.Q.m.l.W.e.b.S.o.c.k.e.t. .n.i.c.h.t. .b.e.r.e.i.t............QQmlWebSocket is not ready......QQmlWebSocket.....B.Q.Q.m.l.W.e.b.S.o.c.k.e.t.S.e.r.v.e.r. .n.i.c.h.t. .b.e.r.e.i.t...........!QQmlWebSocketServer is not ready......QQmlWebSocketServer.......D.e.r. .A.c.c.e.p.t.-.S.c.h.l...s.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtwebsockets_en.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):16
                                                                                                                                                                                                    Entropy (8bit):4.0
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:j2wZC4n:CwZ
                                                                                                                                                                                                    MD5:BCEBCF42735C6849BDECBB77451021DD
                                                                                                                                                                                                    SHA1:4884FD9AF6890647B7AF1AEFA57F38CCA49AD899
                                                                                                                                                                                                    SHA-256:9959B510B15D18937848AD13007E30459D2E993C67E564BADBFC18F935695C85
                                                                                                                                                                                                    SHA-512:F951B511FFB1A6B94B1BCAE9DF26B41B2FF829560583D7C83E70279D1B5304BDE299B3679D863CAD6BB79D0BEDA524FC195B7F054ECF11D2090037526B451B78
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtwebsockets_es.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9679
                                                                                                                                                                                                    Entropy (8bit):4.371356452938804
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:qEGfgjDpAFuls69JXCoqXAwnW+8iuEOBbQAPf:fYgjDl9JXCoqXAw5RfOxQY
                                                                                                                                                                                                    MD5:0C5594458C800642DB69B3FC6B33D7F9
                                                                                                                                                                                                    SHA1:9C9671E0102B3AD13BE6C242790E1FB1B01BAA16
                                                                                                                                                                                                    SHA-256:8CCB4369029D62C51BBEE6D210A841337A8736382ACEA03D664A289FD6F12719
                                                                                                                                                                                                    SHA-512:FF66AC628085687DBBEEFC37891003A6238CEBA46469E60E421EBF5533EB34947A198082EFDDB07F54B93C83BFAAC47EE444F10ED69E60B1E84A0DFCAF7C896A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......es_ESB..........#............N..... .......o.............M.R.Q... ..cn...}...N......-...........i..\... ..`H......^.n..#..........-......@.......T......Um......i........Z..."...........3......W.^.....f........C......Y/....e.8.......`n....$.......I...n.......>...Q.................0......)._...f.......4......!..........1.....y.......U........s>..."5.|........q....C...>...........8...~...T.*.......x\.......4....pi..$.......L.o.s. .m.e.n.s.a.j.e.s. .s...l.o. .p.u.e.d.e.n. .s.e.r. .e.n.v.i.a.d.o.s. .c.u.a.n.d.o. .e.l. .s.o.c.k.e.t. .e.s.t... .a.b.i.e.r.t.o...........2Messages can only be sent when the socket is open......QQmlWebSocket.....8.Q.Q.m.l.W.e.b.S.o.c.k.e.t. .n.o. .e.s.t... .l.i.s.t.o............QQmlWebSocket is not ready......QQmlWebSocket.....D.Q.Q.m.l.W.e.b.S.o.c.k.e.t.S.e.r.v.e.r. .n.o. .e.s.t... .l.i.s.t.o...........!QQmlWebSocketServer is not ready......QQmlWebSocketServer.......L.a. .c.l.a.v.e. .d.e. .a.c.e.p.t.a.c.i...n. .r.e.c.i.b.i.d.a. .p.o.r. .

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtwebsockets_fr.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9639
                                                                                                                                                                                                    Entropy (8bit):4.399726739516741
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:Tuhw8Ah0rYOy8fmi9H+grrHFAuHeD/vI8nF+61/SwaLTxkOFUSzhbpAZggmp7EuM:TDUDmsPq8SOP5d2kp7Ee4Ej+2gv5
                                                                                                                                                                                                    MD5:E5A6AEA6373B8C6E2AE8EED0F63331C0
                                                                                                                                                                                                    SHA1:AC7984096A151A5D4D94A0502564964224A946ED
                                                                                                                                                                                                    SHA-256:8543BE2F86936748D8BDA70F439D3854306FCE5AC5C94ACFD36A1FFA16EA1E71
                                                                                                                                                                                                    SHA-512:16AAB2C0BAA5118EEAE8382B06194A696B534A70A8A2C0E7175B3C6679EF6A8A77802261BC339C7F6B3BC3E58A59B6E2B63E155EE40EAA5732EF52E19063FD53
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......fr_FRB..........#Q...........N..... .......o...............R.Q......cn...#...N...s..-..........._..\... {.`H......^.n..".......V..-......@.......Um......i........Z..."z.......v..3......H.$.....W.^...o.f........C.......`....=.Y/......8.......`n................n.......>...W.................0......)._..................!................7........s>..."..|........q........>...........,...~.....*.......x\....X..4....fi..#.......L.e.s. .m.e.s.s.a.g.e.s. .n.e. .p.e.u.v.e.n.t. ...t.r.e. .e.n.v.o.y...s. .q.u.e. .l.o.r.s.q.u.e. .l.e. .s.o.c.k.e.t. .e.s.t. .o.u.v.e.r.t...........2Messages can only be sent when the socket is open......QQmlWebSocket.....:.Q.Q.m.l.W.e.b.S.o.c.k.e.t. .n.'.e.s.t. .p.a.s. .p.r...t............QQmlWebSocket is not ready......QQmlWebSocket.....F.Q.Q.m.l.W.e.b.S.o.c.k.e.t.S.e.r.v.e.r. .n.'.e.s.t. .p.a.s. .p.r...t...........!QQmlWebSocketServer is not ready......QQmlWebSocketServer.......A.c.c.e.p.t.-.K.e.y. .r.e...u. .d.u. .s.e.r.v.e.u.r. .%.1. .n.e.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtwebsockets_ja.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7270
                                                                                                                                                                                                    Entropy (8bit):5.696245556869249
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:OWASAuv99X9MhLHL+la9uVd9WEnuiZjLB:O+X9t9cLHL+la9u9nui5N
                                                                                                                                                                                                    MD5:64FC24764E356C4A7734FCE510E5F77E
                                                                                                                                                                                                    SHA1:E4B235F2F6CFAC847381C3AF8C5631DE92A934A2
                                                                                                                                                                                                    SHA-256:7DFE297C2752ADA9D11933F555D2A616FB92F4B4F3C27BBA783A83AB65B61F9B
                                                                                                                                                                                                    SHA-512:D03D412C044B275E64AC2C602BA9AFD2939CB174CDDE99F69BCAC1F0934AA1BE6DF15FCC28189CCA60094BBA3AAEE04156D6FA78BB589DE41C4203CBB074C610
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......ja_JPB...........3.......4...N..... .....t.o...............R.Q......cn.......N...=..-...........9..\......`H......^.n.............-....9.@.......T......Um......i.....G..Z...............3......W.^...5.f.....1..C......Y/....I.8.......`n............_...n.......>..................7..0......)._...........................`.1.....I..............Q.s>....5.|........q....e...>...........N...~.....*.......x\.......4.....i........40.0.0.0.0.0o0.0.0.0.0L..0D0f0D0.fB0n0...O.0g0M0~0Y0..........2Messages can only be sent when the socket is open......QQmlWebSocket.....4.Q.Q.m.l.W.e.b.S.o.c.k.e.t. 0nn.P.0L0g0M0f0D0~0[0.0...........QQmlWebSocket is not ready......QQmlWebSocket.....@.Q.Q.m.l.W.e.b.S.o.c.k.e.t.S.e.r.v.e.r. 0nn.P.0L0g0M0f0D0~0[0.0..........!QQmlWebSocketServer is not ready......QQmlWebSocketServer.....l0.0.0.0K0.S.0QS.0c0_. .A.c.c.e.p.t. 0.0.0.0nP$. .%.1. 0L0.0.0.0.0.0.0n. .K.e.y. 0nP$. .%.2. 0hT...0W0~0[0.0..........DAccept-Key received from server %1 does not mat

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtwebsockets_ko.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7131
                                                                                                                                                                                                    Entropy (8bit):5.747159181039558
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:vtiS0wgLajxdctKtjtdtVtRSRARSfsEi7tD28hUB:1RgLalvSWRciR2T
                                                                                                                                                                                                    MD5:AF507F561A307C883AFE57DE9E3517CD
                                                                                                                                                                                                    SHA1:D6867299EA100E6EFD6F549CB34F491DBFCD2757
                                                                                                                                                                                                    SHA-256:BF3B71EABB20BBCAC27C5F8671BB7060E9EAB7BC6821BA8F09D2D67EE82367B6
                                                                                                                                                                                                    SHA-512:4DA1CDEB68888AF54166667185ACD092DEAEB6EBDE4876DBE59798CB6DBE6630D6EABD420BD282EDFC4B558637216059E418D43433BF4D919FE77209A5AE4624
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......koB...................,...N...T. .....p.o.............i.R.Q...L..cn.......N......-...........5..\....{.`H......^.n...G......L..-......@.......T....s.Um......i........Z...............3....S.W.^.....f........C......Y/......8.......`n................n.......>..................9..0......)._...b...............%.......^.1....................C.s>......|........q........>...........J...~...D.*.......x\.......4.....i..."....<.....t. ...$. ..D. .L.... .T.....|. .....`. ... ................2Messages can only be sent when the socket is open......QQmlWebSocket.....4.Q.Q.m.l.W.e.b.S.o.c.k.e.t.t. ...D..... .J.X................QQmlWebSocket is not ready......QQmlWebSocket.....@.Q.Q.m.l.W.e.b.S.o.c.k.e.t.S.e.r.v.e.r... ...D..... .J.X...............!QQmlWebSocketServer is not ready......QQmlWebSocketServer.....V..... .%.1..... ...@. .A.c.c.e.p.t.-.K.e.y... .t.|.t... .. .%.2.@.(...). ................DAccept-Key received from server %1 does not match the client key

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtwebsockets_pl.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7599
                                                                                                                                                                                                    Entropy (8bit):4.620143427827003
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:2UClh+jT0VAO9c5+T+GZHuHkgNvjWqdT7TZKymOcEzP9r5ubrC:LmHz9c4dZq966T7TZK9OcEzPl5qC
                                                                                                                                                                                                    MD5:261B9B2B09C21DB6D226743C46AFAFAC
                                                                                                                                                                                                    SHA1:39402B503838FDA027BE78B6DCFB19BD1948F6C3
                                                                                                                                                                                                    SHA-256:4AF915DE2133AB4E936B4AC485CA19ED34EC08A3399F95765EE7A6F2B9E07461
                                                                                                                                                                                                    SHA-512:5FEFFE357666808B1DA6B05A1FD24CAE655ED767E33E034EF1B598865E4E203A5ADA85EC1364C225CF39327791EC702F41000299E5761B91D3E297A8714A8098
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......pl_PLB...X...................N..... .....p.o...............R.Q...8...N......-..............\....*.`H......^.n...)........@.......Um......i................3....U.W.^.....f.....<..C......Y/......`n................n.......>...I.......{......c..0....t.)._...........................(.......;........s>......|........q..............*.......x\.......4.....i...$....|.K.o.m.u.n.i.k.a.t.y. .m.o.g... .b.y... .w.y.s.y.B.a.n.e. .j.e.d.y.n.i.e. .g.d.y. .g.n.i.a.z.d.o. .j.e.s.t. .o.t.w.a.r.t.e...........2Messages can only be sent when the socket is open......QQmlWebSocket.....<.Q.Q.m.l.W.e.b.S.o.c.k.e.t. .n.i.e. .j.e.s.t. .g.o.t.o.w.y............QQmlWebSocket is not ready......QQmlWebSocket.....H.Q.Q.m.l.W.e.b.S.o.c.k.e.t.S.e.r.v.e.r. .n.i.e. .j.e.s.t. .g.o.t.o.w.y...........!QQmlWebSocketServer is not ready......QQmlWebSocketServer.......A.c.c.e.p.t.-.K.e.y. .o.t.r.z.y.m.a.n.y. .z. .s.e.r.w.e.r.a. .%.1. .n.i.e. .p.a.s.u.j.e. .d.o. .k.l.u.c.z.a. .k.l.i.e.n.t.a. .%.2...........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtwebsockets_ru.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9562
                                                                                                                                                                                                    Entropy (8bit):5.215210897076583
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:qY6k2c0M1Uwtjrldh1N1NUuAFjJ+SE+5oY6QS8:L6kd0M1UmX3xfUfhEr+5J5
                                                                                                                                                                                                    MD5:69E98D5C7D772467515403F54AB47D98
                                                                                                                                                                                                    SHA1:7AEA3408C1C90CC459D390337D51DFD5D83E1EE6
                                                                                                                                                                                                    SHA-256:6C6E2E9914F25BAD087D82F5A0438BFAA9B8B965BCB15E6F1F69D7FF22E69E0D
                                                                                                                                                                                                    SHA-512:D2ED55D6F79198DC701E7513A895A0272E4FA768BEE5ACA73BF85597824CDB4DAEB78FB2D65A1258BFF02E270B5B7C7601521DBA00D1A8DF5043CEC2A7376DDE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......ruB..........o......"............N..... .......o.....W.........R.Q......cn...+...N......-..............\......`H....4.^.n.."Z......t..-......@.......T......Um....p.i........A~......Z..."........V..3......W.^...+.f.....?..C......Y/.............8.......`n................n.......>...+.................0......)._...\.........................1.....7.E....!k..................... ..s>... ..|........q....c...>...t...........~.....*.....P.x\....>..4....\i..#g....l.!.>.>.1.I.5.=.8.O. .<.>.6.=.>. .>.B.?.@.0.2.;.O.B.L. .B.>.;.L.:.>. .?.@.8. .>.B.:.@.K.B.>.<. .A.>.:.5.B.5...........2Messages can only be sent when the socket is open......QQmlWebSocket.......Q.Q.m.l.W.e.b.S.o.c.k.e.t. .=.5. .3.>.B.>.2............QQmlWebSocket is not ready......QQmlWebSocket.....:.Q.Q.m.l.W.e.b.S.o.c.k.e.t.S.e.r.v.e.r. .=.5. .3.>.B.>.2...........!QQmlWebSocketServer is not ready......QQmlWebSocketServer.......A.c.c.e.p.t.-.K.e.y.,. .?.>.;.C.G.5.=.=.K.9. .>.B. .A.5.@.2.5.@.0. .%.1.,. .=.5. .A

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtwebsockets_uk.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9160
                                                                                                                                                                                                    Entropy (8bit):5.203743355597705
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:KsuDSJlz/o4rQm9kG1T4zMmWMtnquu9+TC7ELM7xGPMuB8:JuDSlbo4rQm9jizMmWMthuwzLM7xGPMJ
                                                                                                                                                                                                    MD5:43FEF171DFB7551C3F3395F0F431DB7C
                                                                                                                                                                                                    SHA1:A30915BE271FBD601497DC6640128E9CD5497F8E
                                                                                                                                                                                                    SHA-256:9734A5DFFB889911A5D9A6EB4EA8F81E5F78E48329CE2747E935BCDF7688D999
                                                                                                                                                                                                    SHA-512:A9A6FC36464969656578AFFA80CB2349AD0BA6F8693E68BADA19928C98BC6AE93BEA65AF1E477B5C729CE2F2C3E84C1159E4E4174E5CFDE330B2058122A8E039
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......uk_UAB..........!........`...N...(. .....<.o...............R.Q......cn.......N......-...........]..\......`H......^.n..!..........-....k.@.......T....Y.Um......i........Z... ...........3....!.W.^...?.f.....Y..C....c.Y/....O.8.......`n............s...n.......>...=.................0......)._.............................1.............[........s>... 3.|........q........>...........6...~.....*.......x\.......4....bi..!.....z...>.2.V.4.>.<.;.5.=.=.O. .<.>.6.C.B.L. .1.C.B.8. .=.0.4.V.A.;.0.=.V.,. .;.8.H.5. .:.>.;.8. .A.>.:.5.B. .2.V.4.:.@.8.B.>...........2Messages can only be sent when the socket is open......QQmlWebSocket.....2.Q.Q.m.l.W.e.b.S.o.c.k.e.t. .=.5. .3.>.B.>.2.8.9............QQmlWebSocket is not ready......QQmlWebSocket.....>.Q.Q.m.l.W.e.b.S.o.c.k.e.t.S.e.r.v.e.r. .=.5. .3.>.B.>.2.8.9...........!QQmlWebSocketServer is not ready......QQmlWebSocketServer.......A.c.c.e.p.t.-.K.e.y.,. .>.B.@.8.<.0.=.8.9. .2.V.4. .A.5.@.2.5.@.0. .%.1.,. .=.5. .7.1.V.3.0.T.B.L.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtxmlpatterns_bg.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):112896
                                                                                                                                                                                                    Entropy (8bit):4.997020376272047
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:iBbBlkYXip2ldQufNHTowmxH/4AL3wJ1DVp3iOri8b1+rvfdHQdnEjUn3NOz2:iHflowmx/44wJ1DWu71+TdHQdnT3Yq
                                                                                                                                                                                                    MD5:D3667421DE1F04AE65E9DB84C1A2BA50
                                                                                                                                                                                                    SHA1:7B3601EA0B1FEC93A2F442D73F79FF01363B8013
                                                                                                                                                                                                    SHA-256:A81D5D82308F771B280B4404B0D7BD57E83F124678EB01BCB69A6D70441949C7
                                                                                                                                                                                                    SHA-512:0A37F6C1D66D2B9D9441DE32580EE9799A813A9F9E7B0AA32B51A063BF30289F2A4A9D2D8ABBB78D521B5F09168B58D7413D411EFEA31E2D71B7C31CEBC918F2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......bgB..........;....Q..K...3...........JO.&S...X..*.....,.7....<..:9...p..M.~.....X.~..l..[;^...i.lG......rUN..:b..c...b:..W^..u(......K..........,...............Rn..;...T5......'...}...n......lN...........J.......d...>.....)9..............</...P&.A.......S...{T.X....j>.pE...9..p.N..V....N......I...L'..u...2........U......q...P.......0........N.."&..t....D..........e..............y#......^.._.......*.......@...~..K........W.=....x..@E....2.@V....H.B!...;@.W.~.....X........hN...I..%............%..9...........F...4...d...gN..C.................U...................#........z..^..........a.......B^......](.*.....f.+.N...x.6.......Ec.../..IQ....~.K~......\S~...Q.b....*..b....a(.m.n.....q.....G.{.>..]...R>..'.......................bh...>......+...@...,....v.........*>......S..........m>.......5..h..............O...q...-..........S...Cn..#....n..h...7^...,..0...s...H...&P..=...Z..0...n..5.>..w..8w......?....R0.BM......J.....=.R......^.......f.......r....l..s..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtxmlpatterns_ca.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):114190
                                                                                                                                                                                                    Entropy (8bit):4.270947851538695
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3072:474u0NNhLPzC/YzuW9aF72/YjMYn6YsB+:KZ
                                                                                                                                                                                                    MD5:48F3BA833DCCAE27909C74D51AF6BA3C
                                                                                                                                                                                                    SHA1:1D709DE88DF0A6437419CE28F9A46CE2B0A42A9D
                                                                                                                                                                                                    SHA-256:4AD435437D6B94696C40C2F1A949AC73F7A205F54371ED69AB92509D64036BC6
                                                                                                                                                                                                    SHA-512:7E1D9C0BE4396E0B4A34F65A72D543A672732BDEB0593399430065F71642EB756AEF033D03C757012F2B7A4B20E9D67BE7D8FF72C6F17BBB051FCBBF155C653D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......caB...(......<....Q..L...3...........KB.&S...X..*.......7....=..:9...tH.M.~...0.X.~..p..[;^.....lG......o.......rUN..?...c...g9..W^..u.......L.......@..,............-..Rn..AQ..T5......'....>..n......lN.......................>.....)9..............</...Q..A.....n.S....m.X....k..pE...:^.p.N..W....N......I...M...u...7...............r...P.......0........N..#...t....)..........e...........a..y#.......^.._..................~..Q6.......^.=....y..@E....w.@V......B!...@..F.R.....W.~.....X........hN...r..%............8..9...........K...4...e...gN..D.................U...................&........o..^..........b.......G.......]..*.......+.N.....6.......Ec.../..IQ......\S~.....b....+".b....b..m.n..!J.q.......{.>..c2..R>..(.......................c....>.....+...B...,..............*>...J..S..........m........6..h..............O...u...-..........T...Cn..'H...n..i...7^.. ...0...t...H...'...=...`%.0...oo.5.>..x|.8w......?....S%.BM....'.J.......R.......^......f.......r..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtxmlpatterns_cs.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):109606
                                                                                                                                                                                                    Entropy (8bit):4.46612100380766
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3072:qv4x5nW1rIHoac0lMXQ13z4QTPfyjJDnk0UPfhfHP+x7JmdSjnO71YmkC:56Kp
                                                                                                                                                                                                    MD5:266F405DB846839D79048AF37CCDF88B
                                                                                                                                                                                                    SHA1:73E6EA7B89CB6B80132167822E62C458E19C24CA
                                                                                                                                                                                                    SHA-256:37AAADA770EA1E9AA08D78E6B28D46CD2A39080985E945B07EC34227E1ADF0D9
                                                                                                                                                                                                    SHA-512:FF763BA93532BC4ED742ABAF9C36F43FF5AB5792E608BFBCA81F24C1BB43B364E37DA3A844696E1A42795CDFF876C3A0C67260184771D5E172B320A83B475CEC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......cs_CZB..........9....Q..Je..3...........I..&S...V6.*.....&.7....:..:9...c0.M.~.....X.~..^..[;^...Q.lG....&.rUN..1P..c...U...W^..rF......J......t`..,...............Rn..3"..T5...K..'...o~..n......lN..........wO...........>...1.)9....\.........</...O..A.......S...m..X....g..pE...7..p.N..UH...N..}...I...KQ..u...)...............o?..P....A..0........N...^..t...............e..............y#.......^..]#.................~..A........m.=....vS.@E...uu.@V...|..B!...2H.W.~...c.X........hN......%............M..9....F......<...4...b...gN..A..............]..U............................<..^..........._.......9z......Z..*.....B.+.N.....6.......Ec...-{.IQ....(.K~......\S~.....b....(..b...._..m.n.....q.....%.{.>..RE..R>..%........s..............`^...>.....+...>...,..........s..*>......S....n.....j...........h....|.........O...dg..-...........Re..Cn...C...n..f...7^...>..0...q...H...$...=...O|.0...lX.5.>..t..8w......?....P..BM......J......R.......^.....$.f.....?.r....j .

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtxmlpatterns_da.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1771
                                                                                                                                                                                                    Entropy (8bit):4.627797023078565
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:Xg8ZJXPUiUKTmcgrUKTm8erMCDpeVy6DbKotb641pa3C3J2:XgeaxKTfgIKTvCDcVHfKotW418
                                                                                                                                                                                                    MD5:0034512CC2FECD4C0BDE5EEA692642BA
                                                                                                                                                                                                    SHA1:04DAA1E0D72CBAD8AC1466FFA8C98E40D43BA438
                                                                                                                                                                                                    SHA-256:3E6716C2580F2FB877AD15B86A8120AD2C182275B6F6AA768B7DD1C5734BE6BD
                                                                                                                                                                                                    SHA-512:0540E13D2B51684F3DBDC558277576F264D53AB9FC714D2B5C3CF7A808CF77B64741A386703BA52159710B0D7F1059E29EBA947E0995EFE1AD5B263117349ECA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......daB...p.lG.......lN.......e.....F.R......%.......8....b.1.....y..l........~......U......v".....W.....8..I....;.K......i...S....l.".%.1.". .d.u.p.l.i.k.e.r.e.r. .e.t. .t.i.d.l.i.g.e.r.e. .r.o.l.l.e.n.a.v.n. .o.g. .d.e.a.k.t.i.v.e.r.e.s...........:"%1" duplicates a previous role name and will be disabled......QQuickXmlListModel.....4.u.g.y.l.d.i.g. .f.o.r.e.s.p...r.g.s.e.l.:. .".%.1."..........invalid query: "%1".....QQuickXmlListModel.....^.E.n. .X.m.l.R.o.l.e.-.f.o.r.e.s.p...r.g.s.e.l. .m... .i.k.k.e. .b.e.g.y.n.d.e. .m.e.d. .'./.'.........(An XmlRole query must not start with '/'.....QQuickXmlListModelRole.....~.E.n. .X.m.l.L.i.s.t.M.o.d.e.l.-.f.o.r.e.s.p...r.g.s.e.l. .m... .i.k.k.e. .b.e.g.y.n.d.e. .m.e.d. .'./.'. .e.l.l.e.r. ."././.".........1An XmlListModel query must start with '/' or "//".....QQuickXmlRoleList.....R.F.e.j.l. .%.1. .i. .%.2.,. .p... .l.i.n.j.e. .%.3.,. .k.o.l.o.n.n.e. .%.4.:. .%.5.........)Error %1 in %2, at line %3, column %4: %5.....QXmlPat

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtxmlpatterns_de.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):118069
                                                                                                                                                                                                    Entropy (8bit):4.271846030676607
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3072:r3pEbButWD+nRsGJN0ZOvELSiocieMRuhmn2kzrcV4Vf:rZvZ
                                                                                                                                                                                                    MD5:693FCFEF4283761AE07442EC81EF59A1
                                                                                                                                                                                                    SHA1:59AC62380C806340C201B10A53231BEA6B2FAE86
                                                                                                                                                                                                    SHA-256:150AE8A457D0B9D81847D71E19AD3B66674D723F3AC60B48A16537FA348B04EC
                                                                                                                                                                                                    SHA-512:7096EFE28961C9B0BF334960502F43148DC59BA4300B17759F11FCBD6E7B9E6A9236432B93AFE430CCDA7BB1D727B581591667269ACFB900DC14E5226F10F1D7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......de_DEB...(......@....Q..O...3....W......O..&S...]..*....(..7....@..:9......M.~.....X.~..}..[;^.....lG....y.o.......rUN..K...c...ta..W^..|.......P{......^..,............A..Rn..M...T5...f..'.......n...L..lN...................3...>...f.)9............[.</...UM.A.......S......X....q..pE...=..p.N..\o...N......I...Q...u...C........h......y@..P.......0....a...N..%...t... ...........e..........'...y#.......^..e4......;...........~..]D.......<.=.......@E......@V......B!...L..F.R.....W.~.....X.....\..hN...f..%............L..9...........X...4...k7..gN..G.......r........U...."......".......2........E..^...........g.......TK......b..*.....w.+.N.....6.....4.Ec...2..IQ....=.\S~...Z.b....-..b....gQ.m.n..,..q.......{.>..pP..R>..+,......................h....>...'..+...D...,..............*>......S....w.....t.......#...h....$......A..O.......-...........YT..Cn..2....n..o...7^..+...0...{O..H...)...=...m..0...u..5.>...l.8w....2.?....W..BM......J.....~.R......^.......f.......

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtxmlpatterns_en.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):16
                                                                                                                                                                                                    Entropy (8bit):4.0
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:j2wZC4n:CwZ
                                                                                                                                                                                                    MD5:BCEBCF42735C6849BDECBB77451021DD
                                                                                                                                                                                                    SHA1:4884FD9AF6890647B7AF1AEFA57F38CCA49AD899
                                                                                                                                                                                                    SHA-256:9959B510B15D18937848AD13007E30459D2E993C67E564BADBFC18F935695C85
                                                                                                                                                                                                    SHA-512:F951B511FFB1A6B94B1BCAE9DF26B41B2FF829560583D7C83E70279D1B5304BDE299B3679D863CAD6BB79D0BEDA524FC195B7F054ECF11D2090037526B451B78
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtxmlpatterns_es.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):114789
                                                                                                                                                                                                    Entropy (8bit):4.206007696939753
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:WR+SHTrv2ySsYwG6FR2rKFYMRY+0wiQn8JZegjqSY:WRBHTrv2ySsYIFR2roRY+0wiQn8J47X
                                                                                                                                                                                                    MD5:49A3A61F88FBECA825E7E6454795645A
                                                                                                                                                                                                    SHA1:C929CD5172A70469B8D8E17771B3581E736DCD2D
                                                                                                                                                                                                    SHA-256:3A7E79139611AB4055CEDBD844B99561560B10B9C2E41A8EAEEB5A9A704D7C5A
                                                                                                                                                                                                    SHA-512:58EC54D8AB466B73E5A3E9D1FD5C339ECD60D1A997AB0836ADF30F6415590510C9380B3EA577408FD171FC8A2853A0A2750BCCB69C17B1E9054BA45825454E2A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......es_ESB..........:....Q..J...3...........I..&S...W..*.....\.7....;..:9...v..M.~.....X.~..s\.[;^.....lG......rUN..@...c...id..W^..u.......K..........,...............Rn..B...T5......'.......n......lN...................h...>...i.)9....\.........</...O..A.....n.S......X....j..pE...8..p.N..V....N......I...K...u...95.......5......r...P.......0........N..!J..t...........l...e..............y#.......^.._%......F..........~..R..........=....y..@E......@V......B!...A..W.~.....X........hN......%............e..9....0......Mc..4...eD..gN..B.......C.........U....}.......?......(..........^....a......b)......I.......]..*.....z.+.N.....6.......Ec......IQ....\.K~......\S~...-.b....)g.b....at.m.n..#..q.......{.>..e?..R>..&................!......b....>...0..+...@#..,...........r..*>...a..S....2.....m...........h..............O...x*..-...........S...Cn..)....n..iX..7^.."...0...tt..H...%R..=...b..0...o..5.>..x..8w......?....R..BM....4.J......R.......^.......f.......r....m..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtxmlpatterns_fr.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):115909
                                                                                                                                                                                                    Entropy (8bit):4.236285230069747
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:adL2T4A0nhOszafeF0rEUPryAvSelIXzdFnOshS7Rusm:eKYnhOszaf7rEUPhSelIXzdFnOsYUL
                                                                                                                                                                                                    MD5:24D95EE203DF9728321F5BA52DD9857D
                                                                                                                                                                                                    SHA1:F0E60063E6846F082559CB9BF8FFFFE1DE2A865B
                                                                                                                                                                                                    SHA-256:FC5F279D5870BB244F70456C88B5E6A1E8BD990CBE4AD2EDD95BF3BC64913D96
                                                                                                                                                                                                    SHA-512:D68BED242E4482C14205584A39333F5DC67D5A7BB76E9E71D40E35137E8043D3A565AA7F63765A461A46F9BAC433E5BECFDE6D8A076761EE0581CC83DBFC0136
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......fr_FRB..........='...Q..L...3....-......L).&S...ZV.*....#..7....>P.:9...z..M.~...q.X.~..wH.[;^.....lG......rUN..Er..c...m...W^..x6......M..........,...............Rn..G:..T5...[..'.......n......lN...........J...........>.....)9............`.</...R(.A.......S.... .X....l..pE...:..p.N..Y$...N......I...N...u...=...............t...P.......0........N.."X..t....4..........e.........."N..y#...P...^..aC..............t...~..W........i.=....|g.@E....&.@V......B!...Fl.W.~.....X.....{..hN...5..%....)..........9...........R...4...g...gN..El.............U..U....}..............-@..........^....K......d)......N......._B.*.....6.+.N...f.6.....}.Ec.../..IQ......K~....n.\S~.....b....*..b....c|.m.n..'k.q.......{.>..i...R>..(......................d....>.....+...B...,...........R..*>.....S..........o........3..h..............O...|...-....O......V...Cn..-....n..k<..7^..&...0...v...H...&...=...f..0...q`.5.>..z..8w......?....TV.BM....<.J......R.....V.^.....j.f......r....o..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtxmlpatterns_hu.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):115164
                                                                                                                                                                                                    Entropy (8bit):4.37846370747933
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3072:7qmPpz/7DJAnwHE43DwgV92Necltm2vNEY5ihdhsEuaU9ouNJwQ3BKLf3xA4kP/R:Gqfil
                                                                                                                                                                                                    MD5:112B7D3AB5215A58D759D05915C52DB8
                                                                                                                                                                                                    SHA1:C3100996FF0C08E2743FC2D121A7410842A15877
                                                                                                                                                                                                    SHA-256:561AE5F9C03221B5937D8E8E0C6F17A42ABB6E8C0DF78766D34F6DC8380BE5B2
                                                                                                                                                                                                    SHA-512:95E9B61634939AB152D17CB4777A65732557ABFC2C2121D2AD3E83212A095BC567331FF2C989E9A3652ECCF383E503AB66BFBCAAF3B86825EEFE0F8E6BE75AE4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......hu_HUB..........>....Q..N...3...........M?.&S...[..*....#..7....?..:9...x..M.~...i.X.~..u..[;^.../.lG....?.rUN..E...c...l(..W^..{X......N..........,...............Rn..F...T5......'.......n...;..lN...#...................>.....)9............j.</...Sv.A.......S....4.X....o..pE...<..p.N..Z~...N...,..I...OQ..u...=........}......w...P.......0.... ...N..#L..t...............e.........."...y#.......^..c..............4...~..V........G.=.......@E......@V....(.B!...F..W.~...).X........hN......%..../......._..9....b......P...4...iF..gN..G................U........... #......,........8..^....Q......f3......M.......a..*.....0.+.N.....6.......Ec...1..IQ......K~....^.\S~...}.b....,..b....eh.m.n..'S.q.......{.>..h...R>..)q.....................f....>.....+...DA..,.............*>......S....n.....rH..........h..............O...z(..-....;......Ww..Cn..-%...n..m...7^..&...0...y...H...'...=...e..0...t..5.>..~u.8w....E.?....U..BM....^.J.......R.....(.^......f......r....q..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtxmlpatterns_it.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5107
                                                                                                                                                                                                    Entropy (8bit):4.44576456490991
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:CqqweDSxsfKsWF22r6ydGV8zjFKn5QRUoIJq:CqqweDSCKsB2raV8XFKn5sUoIJq
                                                                                                                                                                                                    MD5:F470B2F1F5B7D35AA1A09BA8D0579E6B
                                                                                                                                                                                                    SHA1:AC94FDDBA02387B2986C109519E02BEBE672A2A0
                                                                                                                                                                                                    SHA-256:F601791B61265F2006CA7B7CCE0C27C6209F3DEA896CB90849ECF18ADB3BCDF4
                                                                                                                                                                                                    SHA-512:D1D7CBCE11F9D5777DEF3B7CC888EBD7A0A47D4A39E1FDD8DE49AE54F48E06799F6FC1E38B80E377D4745789F92804785571AA4964CB8473BFB4AB22C60A4E52
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......it_ITB...(...Q...Q..3......&S....Y.lG....b..........lN.....S.......t....v...e.....W.~......%..............................at...x..8......1........hs......l....g./.......7.D...V..U..._..ON......b....[.P.....=.Z.....$.|........'N...M. .........n.....5.....I.W.......(.N...................c.K............<i........Z.E.r.r.o.r.e. .%.1. .i.n. .%.2.,. .a.l.l.a. .r.i.g.a. .%.3.,. .c.o.l.o.n.n.a. .%.4.:. .%.5.........)Error %1 in %2, at line %3, column %4: %5.....QXmlPatternistCLI.....&.E.r.r.o.r.e. .%.1. .i.n. .%.2.:. .%.3..........Error %1 in %2: %3.....QXmlPatternistCLI.....*.P.o.s.i.z.i.o.n.e. .s.c.o.n.o.s.c.i.u.t.a..........Unknown location.....QXmlPatternistCLI.....`.A.v.v.e.r.t.i.m.e.n.t.o. .i.n. .%.1.,. .a.l.l.a. .r.i.g.a. .%.2.,. .c.o.l.o.n.n.a. .%.3.:. .%.4.........(Warning in %1, at line %2, column %3: %4.....QXmlPatternistCLI.....,.A.v.v.e.r.t.i.m.e.n.t.o. .i.n. .%.1.:. .%.2..........Warning in %1: %2.....QXmlPatternistCLI.....8.%.1. .n.o.n. .p.u... .e.s.s.e.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtxmlpatterns_ja.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):81631
                                                                                                                                                                                                    Entropy (8bit):5.614731932461831
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:PabWYIhuaKWTfh4hcZBz6Ta6kCTSj6cnfio59etR0eL7nvThMk0gi0xO6:yjXaKWTfh4hcZATa6kCs7qo59etR0eL5
                                                                                                                                                                                                    MD5:CCB8E1A0A333E63EF9E831EA6A202DDB
                                                                                                                                                                                                    SHA1:B8FFE2E02A3BF126643C9F0B6E0231CA914261C0
                                                                                                                                                                                                    SHA-256:A14796E1DDF516BE80AEC230047F653B760F756F21F8985FCC26BDFAD95CB2A6
                                                                                                                                                                                                    SHA-512:6B15F43A23DE5C49A7C85680B035AE7C704F1B5F85B879F943401993433020E8CB2A3F618A547907C00B86743E30E2FFE3E128B4E38F2E0EC7657220C50432E6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......jaB..........*....Q..53..3...!_......4..&S...>D.*......7....+..:9....7.M.~..y..X.~.....[;^.../.lG...+..rUN......c....X..W^..S.......5..........,...}........6..Rn...F..T5......'....Q..n..j...lN.......................>.....)9..............</...8..A...."..S....&.X....K..pE...)Q.p.N..=|...N..[...I...6...u..........b.......Q...P.......0...r....N...h..t...............e.............y#.......^..Cw......$.......H...~...u......n..=....U..@E......@V......B!.....W.~.....X........hN...a..%...............9...p..........4...H...gN..0J.....m..........U....................~..........^...........E...............B..*....{..+.N.....6.....y.Ec...!..IQ...x..K~... ..\S~..c..b.....Y.b....E@.m.n...;.q.....!.{.>......R>...y......................FX...>......+.......,..........*...*>......S...p&.....M...........h....?.....gx..O....B..-...........;}..Cn.......n..J...7^......0...RV..H....\..=......0...O..5.>..U..8w......?....:H.BM......J.......R.......^.......f.......r....Mx.s..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtxmlpatterns_ko.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):83097
                                                                                                                                                                                                    Entropy (8bit):5.6930558797602435
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:peCdoS2QaEsRUP1Iwc4aiJEGaDEcjd5Xc5I9iftDSRKNUAGiwyYIVEV7yiLoOst5:peCd8UP1Iwc4aivcjbzRAGi7YIuVGXnv
                                                                                                                                                                                                    MD5:0974AB81D5AADCB12AEE5AC348871948
                                                                                                                                                                                                    SHA1:9308E8D210403C781AEDAC008DA1A05FFF792FF4
                                                                                                                                                                                                    SHA-256:E61F909698FE98BCF5BF399CF0E1A55E1854852D49543177B6B89C4938644940
                                                                                                                                                                                                    SHA-512:F5C510BE25C0BA4295CED6FFCFCFAE36005666DE1C00043D78F74E628C94712C6D5966485E25EFD45D7B2FF938856C2C820DEEB4FAE648DB62565F186FE3B251
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......koB...(......-....Q..8...3...'O......7..&S...A..*.....S.7.....G.:9......M.~..~..X.~...}.[;^.....lG...0..o....&..rUN......c.......W^..W;......8.......$..,............]..Rn...I..T5......'.......n..p...lN...........C...........>.....)9....K.........</...<..A....(..S......X....OI.pE...+..p.N..@....N.._...I...9Z..u....&......g.......T...P.......0...w....N......t..........5...e...!.........y#.......^..F.......m...........~..........s..=....Y..@E......@V......B!.....F.R.....W.~...R.X.......hN......%...............9...v........J..4...KI..gN..3O.....r..........U....6...............9..........^...........I..............Ec.*.......+.N...[.6.......Ec...$..IQ...}!.\S~..hX.b.... ..b....H..m.n.....q.......{.>...0..R>...........l..............I....>......+...1Z..,..........08..*>......S...ui.....Q..........h...$......lm..O.......-...........>...Cn...|...n..N[..7^.....0...VK..H.......=....!.0...R..5.>..Y .8w......?....=i.BM.....J.....d.R.......^.......f.....~.r..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtxmlpatterns_pl.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):110977
                                                                                                                                                                                                    Entropy (8bit):4.436969819934516
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3072:NO2wzbQXQszKuHIKJZtdIP10UKwrZjZ5ngqLq9dRV:NUgy+
                                                                                                                                                                                                    MD5:2D06E4DE3CE387E78B4C776C156CE94D
                                                                                                                                                                                                    SHA1:282E75F5565F66288B236DB7D3A314290D8F1A99
                                                                                                                                                                                                    SHA-256:DE3B45F1CF7864FF3FB1C26DF3BDCA43374826C421E94227E641CB0D5935268F
                                                                                                                                                                                                    SHA-512:B65506A6BD8E549500F8F89552DE1249671C2823EAD1141A2B5175862BE19AF3278EE7C034CD90EB916D979233A64B60A70105132E08BE6D75D99D3B26F5C465
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......pl_PLB..........;....Q..Km..3...........J..&S...X\.*.....t.7....<..:9...j..M.~...q.X.~..g~.[;^.....lG....E.rUN..7...c...^@..W^..u.......K......|...,............Z..Rn..9...T5......'...wk..n......lN...........>.......H...>..._.)9....z.........</...P~.A.....x.S...u..X....j..pE...8..p.N..WT...N......I...L...u...0q..............r...P....k..0....d...N......t...............e...........T..y#.......^.._...................~..H..........=....ye.@E...}>.@V......B!...8..W.~.....X.....y..hN...3..%...............9...........C...4...e~..gN..B.......#......{..U....k.............. ...........^...........b.......?.......]..*.......+.N.....6.....W.Ec......IQ....".K~....*.\S~.....b....)M.b....a..m.n.....q.......{.>..ZG..R>..&O...............y......c:...>...6..+...@1..,....F.........*>......S..........m...........h..............O...lN..-....Q......T9..Cn..!....n..i...7^......0...t...H...$...=...WB.0...ob.5.>..xA.8w......?....R..BM......J.......R......^.....P.f.....o.r....mJ.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtxmlpatterns_ru.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):107618
                                                                                                                                                                                                    Entropy (8bit):5.05303500283018
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:RMrjzYd5AxbcXBMhIKDIaWmS6QC2yMmlpPSMx2yD5B3jUuFswKj7D7TnFfwiKxvB:R5GAKDIaWmkC2yMi2k3jzQjn7TnEFgm
                                                                                                                                                                                                    MD5:C14AD2A9E2AE1A2B842A484446630E91
                                                                                                                                                                                                    SHA1:A4B2F475782E0952FB0C26F78E93B47238BCED26
                                                                                                                                                                                                    SHA-256:A1D23444D4C12ED9C076C820058759D1A8D3B920AB1C2BB83F6DE0CF0C8DB1C3
                                                                                                                                                                                                    SHA-512:A9707BC38E6CF18E700B33439AE159E8816F4D04A979272BDAB81D20992DB5C40639E43D307B276436819734DC5136B33456E861498885EF223DE15BC3977FCE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......ru_RUB...(......:....Q..J...3....E......I..&S...V..*.......7....;u.:9..._..M.~.....X.~..\U.[;^.....lG....e.o.....i.rUN..-k..c...R...W^..s.......K......p...,....d..........Rn......T5...p..'...k...n......lN..........sO...........>.....)9....A.........</...O_.A.......S...j1.X....h{.pE...8D.p.N..U....N..~...I...K...u...&........p......o...P.......0........N..!...t....9......k...e..............y#.......^..]~.............]...~..=........N.=....v..@E...qo.@V...w..B!....M.F.R.....W.~.....X.....$..hN......%...............9....S......7...4...ce..gN..A.................U..............................^....j......`b......4.......[..*.....u.+.N.....6......Ec...-..IQ......\S~.....b....)D.b...._..m.n...V.q.......{.>..N...R>..&.......................a....>......+...?l..,..............*>...6..S....[.....ku..........h...}.......#..O...`...-..........R...Cn...*...n..gQ..7^......0...q...H...%...=...K..0...l..5.>..ul.8w......?....Q_.BM......J......R.....-.^.......f.......

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtxmlpatterns_sk.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):33325
                                                                                                                                                                                                    Entropy (8bit):4.48355815890089
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:ENT2KN2MhsXRW737HTszECSZJuh3nhVKlsHyVv:ENf4XI737HTszECSyh3n/AfVv
                                                                                                                                                                                                    MD5:7E2DB66340A1B4D8954296745A5EF012
                                                                                                                                                                                                    SHA1:01845322376154DFB86F151B0750C119B26DB83F
                                                                                                                                                                                                    SHA-256:5A3E47B6773BD53FEE967F5F1CE18395229A12AF11CABC9E22684E58BDC37872
                                                                                                                                                                                                    SHA-512:224A158EE2812995EDE9648E1F139C4E40820162EB43068880AEFABD13B3CE7E3B0F7E3189DF4A16869F2412955C5C3778084A261E04B7B945965037CBBD0E78
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......skB.......Q......3...u^.&S......:9...l..X.~..h..[;^..:..lG...{...c...a{..........lN.......>..2..</....:.A....v..S...p..p.N......I....q..P...7D..t...=....e..........A...y#..0-...~..OU.W.~..;...%...........L.......H-......-'......#.......!..Ec....1.m.n..C..q....5..{.>..]...+....N.....{J..O...mW..........=...[..?.....`.^....*..s.....\..2....E..N...v?..at......8.......G>..i.......k_.._...W.......sf.&.......)......N.>../....n......n...@w.....wt..{...%"..m...V.. `...o..1....|c.T....Q..]........hs..AX......U........D..l....Y..C...1T./.....s.3....j8.42...8..7.D..pb.:....L*.I.N.....V7...'...VN..4s...N..by......=.......U..U..|...7...nT..v...r...e~..)...b......-....Sq.P....(..Z....?...J...QE......D...(...t%......z9..'N..F]..+>.._.......n..S.......Tg...........6?..)...&...F>...n..l~..... ...../.5....4..b....fH.w`N..xN..=...dV...n..&...>>..F..R....3..W....|..x.R..........M...r...'....N..J..v....N........|......c[......I...e...!h..hN..J&......e......Ew..Xt..Y....n..h.....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtxmlpatterns_uk.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7942
                                                                                                                                                                                                    Entropy (8bit):5.134546755837269
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:JcUZDdKhrMc5nsy2JPkvj27hDASMrkcWPflvkdQdUbuIxn9b:JcUNdKhrMc9s7JPkvj6UBkdp0R
                                                                                                                                                                                                    MD5:04115F8A9231BD56A887F90F567271A6
                                                                                                                                                                                                    SHA1:D6AD140609AFFC70D5FDE13CD4F0B41841DF9A7E
                                                                                                                                                                                                    SHA-256:6E5430B1F1A492E750EBC023984DF45E9A88F3DBA7D68BE49EFE1299958D59EF
                                                                                                                                                                                                    SHA-512:6B4BBC7D8FB036A995B6187543E6B179C0A8D552A8FBCFDF2D617858FCA231BDD5A2DF19372B3FC4D5B40D52FE37503BFB707117B6361EB2B6A4E9A04B4BA25E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......uk_UAB.......Q......3............:..lN.......>.....S....Z...e......%............1.................8.......G>...e.O.>......m......1.....p.X.....n..h.......l....U./.......7.D.....nW............:..U.....P.....~.|........(.......'N...Y.......Z..)......<.........n...h..>>.....5.....6.j.........N...m.......6.......e..Xt.....#$....L.%.n.....(.N.....C.n...................-.K................4^..........~i...H....R...>.<.8.;.:.0. .%.1. .2. .%.2.,. .@.O.4.>.:. .%.3.,. .?.>.7.8.F.V.O. .%.4.:. .%.5.........)Error %1 in %2, at line %3, column %4: %5.....QXmlPatternistCLI.....&...>.<.8.;.:.0. .%.1. .2. .%.2.:. .%.3..........Error %1 in %2: %3.....QXmlPatternistCLI..... ...5.2.V.4.>.<.0. .?.>.7.8.F.V.O..........Unknown location.....QXmlPatternistCLI.....V...>.?.5.@.5.4.6.5.=.=.O. .2. .%.1.,. .@.O.4.>.:. .%.2.,. .?.>.7.8.F.V.O. .%.3.:. .%.4.........(Warning in %1, at line %2, column %3: %4.....QXmlPatternistCLI.....*...>.?.5.@.5.4.6.5.=.=.O. .2. .%.1.:. .%.2..........Warning in

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\Qt5\translations\qtxmlpatterns_zh_TW.qm

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Qt Translation file
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):30964
                                                                                                                                                                                                    Entropy (8bit):5.804820691669804
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:vTsdLKjhq50m22GtmG/fRHnQjacd2DNYZ:71w5n2ltmofdnod2DNe
                                                                                                                                                                                                    MD5:49CFDEEE8838029F9D2E39FBC0153609
                                                                                                                                                                                                    SHA1:F336B7EE575AFAD175EB692A7F5FCA3A56551BB1
                                                                                                                                                                                                    SHA-256:56C7F131446FC96E0F1BD7B99373C3630A392C833F973EDDD83EAFE68EDCAB79
                                                                                                                                                                                                    SHA-512:C8E076DAD8C299B52E8C562E23EAE7B4D40786D4D5515C4413F57DA68EAA73B4D599864D959E01062814266FCEAF60BA1EB7902430BBB5FB5B76C0DF17C1501D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:<.d....!..`.......zh_TWB.......Q......3...j..&S....C.:9...a..X.~..^..[;^..:Y.lG...q8..c...Y...........'...g...lN.......>..4..</......S...fw.X....!R.p.N......P...8...t...=Z...e..........?...y#..2....^.......~..LV.F.R...V.W.~..;..X....;<..%...........I...4...........E.......,...^...0................m.Ec....^.b.......m.n..Aw.q....7..{.>..Wh......%...........+....C.....p...O...a...-...(....n.. ...7^..A...=...U..?.....5.^....'n.s......../^..G...2.......at...W......6...r...d...8....v..G>..`?......`..._...S.......h..&.......)......*.4..#&.N.>..-..dI..._..g...........,....n.........l...{...........;...m...S.. `...dV.)...(..,8...l..1....q..T....Nl.].....8..hs..?.......Rf..........-n..c...l.......C...3L..2.......?...[j.'V...Q../.......42...8..7.D..e..:....H..I.N.....V7...$..w....!....~......VN..5...L>../....N..Z=..............2..U..r...H...>.......M...v...hP..ON..<...e~..&{..b......-....O..P....%n.Z....?/.`.N..K...J...M.......B8..(...i.......o'..$..."h..'N..CU..+>..X.......c8.S.......

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtBluetooth.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF, CR line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):84809
                                                                                                                                                                                                    Entropy (8bit):4.951965781716854
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:535NcNYurHCmGLh3cFVms/KB975W6noGnCJnRsOTn8jl1c/CmhvjkytJ67RfIDUB:5znCVmujDU8YOE
                                                                                                                                                                                                    MD5:34E5284FCF12EB35C22D0BE2F0CCADAA
                                                                                                                                                                                                    SHA1:6408ECA068BE12D87829C44D49FD6D3E77844A2F
                                                                                                                                                                                                    SHA-256:2BE2758A722EAA254A20C1C9B2842D47EEFEFAF47F0B16E74A24627E202F70BF
                                                                                                                                                                                                    SHA-512:B2F0A9D7702F77E40BB3F17E52C9DB0BD2C9FEE22858A7D47D3126BC763C1D0D94A04A034B5B3C9EBD7A4FBA56B2F0FCD3B8586C4ED442050044AD0F238C1DEC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtBluetooth module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtC

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtCore.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):495176
                                                                                                                                                                                                    Entropy (8bit):4.932633856236813
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3072:h95rWpIxGnQJVyFnuFBSXLjSFBiRrmYtIB6mkS6XjCX92+Ui+86hn4wuD0Fmdk97:z5CdUQ22jUyZ/WTLs2h26e
                                                                                                                                                                                                    MD5:5F08DF315D78DD033788FBFD8EE2E98D
                                                                                                                                                                                                    SHA1:EB0F1C0729CEB4ACA6026AF80EE7EB74771C4FFE
                                                                                                                                                                                                    SHA-256:E837DB1174523E3068C02C926769FC33343B318E462713B7FAC9E04294AD9165
                                                                                                                                                                                                    SHA-512:A1E8018DADB0E91C5FAB991EEC2D2E3B7A0A32CA9E78B6BD1BD401AB26F973823507C96C371B130D38D28A2F513B5063CBB0EE7D52F4502A365004C868AFC7A2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtCore module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....# Support for QDate, QDate

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtDBus.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):28766
                                                                                                                                                                                                    Entropy (8bit):5.027613478694707
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:e5yXI92S5yXI92E5yXI92LQydXBDEcSVI:e5yXI92S5yXI92E5yXI92TXBDEcSVI
                                                                                                                                                                                                    MD5:829F7B83EAD1B98575F2227CA54FB8B0
                                                                                                                                                                                                    SHA1:B474673324AB31DDAA1318865646756E11736315
                                                                                                                                                                                                    SHA-256:25772D981197EA8F2DD8ECEAD576FC5F40982542F504D3201C5BF8F1F41BAFED
                                                                                                                                                                                                    SHA-512:8B63E12B03188FEF035810F41BBB7CA7DE62E35574E5FA9937D69BB89A33B8C10FC3B5328DBA82DA485C926975976714D89824FA1DDE66F18FFBA0A9C793D933
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtDBus module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtDesigner.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):25935
                                                                                                                                                                                                    Entropy (8bit):5.0208351623574226
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:B2RtKsRv7hDRY4O02Q2oaRwjBV19KQJWr:wRtwQJWr
                                                                                                                                                                                                    MD5:4F55711649C09BA22EC2A22E49FB0173
                                                                                                                                                                                                    SHA1:E0016B858A90357CC904A4A528F314C9960E617F
                                                                                                                                                                                                    SHA-256:710CEE1AFCF8CF07AE0AF711492E912EF2072620B786E2BFEC4B29FCBF23CC55
                                                                                                                                                                                                    SHA-512:E013AE5ED1AA4942FE784725984C9D5288C5222808FA833B648DB69874DA9E1FA22AA724825F0AF387A653F4FE31606D35154C8CE4EFD1955E90D75A7A866334
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtDesigner module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCo

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtGui.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with very long lines (483), with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):481338
                                                                                                                                                                                                    Entropy (8bit):4.996193093600954
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3072:f1R8ch3vZb/mzz40i09+HEebWH9oraU4SRy4i4GW7PpDJwmohcr3/7v2516lYwzB:f1Cknv416lhR4jNC
                                                                                                                                                                                                    MD5:2DFCBCF3071D54E6F34ADE6665B967CC
                                                                                                                                                                                                    SHA1:3012DB2FDBA0535746905AA8CFBFA9BD184CF27C
                                                                                                                                                                                                    SHA-256:14FF718AE3306202AA53988DD52311BF96D3CB64DDC41BE839BBCDCE4CBCC336
                                                                                                                                                                                                    SHA-512:B6D855C3C81BDD94C8B3C2600A2B970FED945EB917A45F25E82A7EEA0041C5FB86D6A7600EF226AE28EF3EAD9263C97AA70AFB9E4E5192CF4341F323B504E64A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtGui module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtHelp.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):14678
                                                                                                                                                                                                    Entropy (8bit):5.041367871169897
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:Fi/KV/7VEAAMXtJzKiOwQxqS9tg7gMMRqk3XuLlhaQojsoLUuSCAerNtuHIYL4/X:g8f5UqSEwQlui1q
                                                                                                                                                                                                    MD5:5E957CFFD00D2E1913B314BCCD7528C8
                                                                                                                                                                                                    SHA1:28353854ADFD99DE1C68835AC28B54890D53163E
                                                                                                                                                                                                    SHA-256:3EB59B181403BD016E235C2B52673F0E4B03D5BEB1E8FF96446832C867CCBA4E
                                                                                                                                                                                                    SHA-512:90ACB61ED07EAE45589BBE1E1CB8F46C1046517F02037848BA035163F45EDF6374F95B1DC1356F52F52A37E4C9D412EBDDFBC043E783CA5F77982AEE1CB1044E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtHelp module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtLocation.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):69136
                                                                                                                                                                                                    Entropy (8bit):4.959766689017327
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:V6iqKakPkW0bM9GhEGmFAzG/IYWmRMpZgU1819X6FikXVHLePt2+ut3d7Wn8ncTw:V6N8gPLwmRt
                                                                                                                                                                                                    MD5:2434E56FE3C0D1DD85E44A0DE1D85950
                                                                                                                                                                                                    SHA1:0EA939A34DFB495E63644942341672D68124007E
                                                                                                                                                                                                    SHA-256:8E03F5E8CFDF71D8E4AE477051D14277E8FFBA407F322DB4C41D1E864AEBB6D6
                                                                                                                                                                                                    SHA-512:7DE8B018AEA7B11153899FACAEE6DEE2BED84CE74B493A353CAF01B3E702CED5D19A7D784B4906052E6F3204A54CAD37F0BC2ECA82796B5B50841D34CF27F237
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtLocation module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCo

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtMultimedia.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):127575
                                                                                                                                                                                                    Entropy (8bit):4.988563612449011
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:rh7g7shAmEmwph8rwuh/JOJsPOSwPnNfCN4im0UglSJl8MUx6EUBee2gGT8Rkcnu:rh7g7sOmEmwNNf6Q7YxwtQfGBS/lzb7
                                                                                                                                                                                                    MD5:59C04D87115F6992B7E0F683DE12D135
                                                                                                                                                                                                    SHA1:983D461973A62A46591491616ADF0046640F1118
                                                                                                                                                                                                    SHA-256:320292EA9399CCCF766F2DEBBE6653EAE2F718F8BA9D50892E2A5896A9F50866
                                                                                                                                                                                                    SHA-512:D646FABAB4AA7D636C85BE6A920401DF0B1797AAE7E6E58061875E5201696A26F81411BD238F0A8A5C3877A48694B70244B795337DFB5F7774C2A1B3091650F7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtMultimedia module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import Qt

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtMultimediaWidgets.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6265
                                                                                                                                                                                                    Entropy (8bit):5.091298640947261
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:fn98WQ+zPv6y9Vc0Mo7XtgrpnBW632UBmWW8mT79mDZOtL9Yoada5LFYRdozmV6b:fQ+rzMoTtgJ/8//t5J2zozmVtK9rl
                                                                                                                                                                                                    MD5:F170F9318340992F8FD8293C1724AB0A
                                                                                                                                                                                                    SHA1:FD3C8218278A71E9296D38BC24D4817C653C5F53
                                                                                                                                                                                                    SHA-256:2E1C90200B56B15E316EA892459A6506FD95494317680943CFD7D9AF523EF7BE
                                                                                                                                                                                                    SHA-512:B533B43CD05327B7D0E20B74D0F2E6C93D35C13425B68B5096C13E026601D8BE31911169223C1374626C84B5CCBC8D576A24A2069500A025BF5B52F8F66EE342
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtMultimediaWidgets module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 im

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtNetwork.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):120247
                                                                                                                                                                                                    Entropy (8bit):4.996746424487988
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3072:rGjshDiKohL8aww+hIn1M8SlPjuFuEAfue4pO4vOD:Eo
                                                                                                                                                                                                    MD5:A241E980292483E3391B656FC2877527
                                                                                                                                                                                                    SHA1:CE32F9ECCF32653B5F41CCF57D3994F40F1645C3
                                                                                                                                                                                                    SHA-256:DD9B0564835A32A262F01378FAB2D72B7F10402411CB8D9BD05460A53E53F50E
                                                                                                                                                                                                    SHA-512:FF68636EBE65995699114ADA62043B9D2CBBCF1DE8CE83CD8DA09F95A5BD40FD3140845EFA99A7495B5AECD8EA8419DBCEEBB3D6B60F2226EB780733E598F32D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtNetwork module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCor

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtNfc.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):22944
                                                                                                                                                                                                    Entropy (8bit):4.961460069474576
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:NeDwXhIlhbSMTZjopjSdYBOsBFhGA3re+brB7FhsDPTrFFhHFhQsMm:ioM1S+jopjSdjsTkA3pBp6DPHXDR
                                                                                                                                                                                                    MD5:9A1BC2995B2084C8E67638AC183B4370
                                                                                                                                                                                                    SHA1:D28E23439C0F1466D1F89164730BB84347C68B8E
                                                                                                                                                                                                    SHA-256:4C058A3E36389868074E26DC20DF3B6B3640045F97EC64E40F85D5BAAE27E757
                                                                                                                                                                                                    SHA-512:8D04DEC9B9E815967E9F4F8F93D73DF302F288145ED3D36520FBBF6DD4250ECAA60BEC9BFF7183613113D061DD4B05115882899855531C939C85BBBD2FDD1918
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtNfc module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtOpenGL.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):18966
                                                                                                                                                                                                    Entropy (8bit):5.001019475276939
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:didFhkeOJFhahIUVCE54XolgUDrUU8gVyFhWW4+dnO+OnOC4+db1838DGz5:C6eObwxCJIVM5RdnO+OnOCRdbmMDGz5
                                                                                                                                                                                                    MD5:F94A9F69A9D424688CC218CB607AB393
                                                                                                                                                                                                    SHA1:7C4B975F0C82FFA14EE7D995C0DFE326A758FF68
                                                                                                                                                                                                    SHA-256:781A4A4D4EBD2581CB33C3171752F818365BE3638C0F30911092DCF16F96A827
                                                                                                                                                                                                    SHA-512:1E777C0A232E03635DC7934450733C0D4501F90827C02BB9A4022F73B621A4FA6F636A7A4284A063E6D9C4705F2574740DBE5290C60EE06850C98657B00F5CF9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtOpenGL module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtPositioning.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):28425
                                                                                                                                                                                                    Entropy (8bit):4.909609153248318
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:UHdl6TD0peZJlXMqOhsHAM/M7XMGME133w:jnldgycf9m
                                                                                                                                                                                                    MD5:45ECA7C2A16B9628B1FB0D472AB97338
                                                                                                                                                                                                    SHA1:DA2792BC29E3A51367DA5B50DBB09318DC4DE14A
                                                                                                                                                                                                    SHA-256:91B46711B582EC848460FA90002CC092EC4936EE4A1F8635BC2EA5510C27F8C2
                                                                                                                                                                                                    SHA-512:8C599AD8A3935F820C34C3FB5B16E5C7EE559270610A82447785899030F810C486C2F4DD18FD988BF52C0908DF6890FD2B6BD117C1B491A435F8B81D1743A1CF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtPositioning module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import Q

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtPrintSupport.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):22042
                                                                                                                                                                                                    Entropy (8bit):4.9103398738389075
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:wi6eFhKCqls1MsH0eJAE2JzBSOyxpcUqBhQ6aO4PejFg1FjGxYd:dgczHGxdUq7QxbGjF+Fj/
                                                                                                                                                                                                    MD5:9F7E136367076DBCFDE1E8A9565C5FC4
                                                                                                                                                                                                    SHA1:F037FDF6615E7131FB22D6DFF635947C8A6CCF42
                                                                                                                                                                                                    SHA-256:894AA8BF8AF20A917225C0B4C754BAB6D4755648BB82BF573832D6080BA18552
                                                                                                                                                                                                    SHA-512:9B8478EDB07DE13F8A1B2FE2542276C396EA8F9B9BB65E4B2C4A7BC6BF751BB5C80F440078518419316401F39460542AFC6B9E9010B0F556514377A86240EE70
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtPrintSupport module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtQml.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):34234
                                                                                                                                                                                                    Entropy (8bit):5.025179562647691
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:WAfFhPDOUrrLOmNAJnUHU5UnRU/5MaV78/bAUWHZiiFhsi2ui2zi2Ki2hi2ei2Ie:XfrLdeJnU0KiCoD57c0QzF9RUPU8bb3
                                                                                                                                                                                                    MD5:738B05E8766BDA08C9F06014743414E0
                                                                                                                                                                                                    SHA1:56FD9BD51A0B6A020A780B416DCB83EE8B67DFAE
                                                                                                                                                                                                    SHA-256:4499542F4C33E6F63798F0BCA568D413F3EC47F30CB16E1D2768C23227A58622
                                                                                                                                                                                                    SHA-512:3A0C07FE025E56C0BBADBA772499FE3525A63F4D33C42A76E411EFED34D75D5BFFA1084B3FD3DFA01FBE4D3282905C6205E62A53ADAC6D55AA9DFFBA8589B28C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtQml module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore..f

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtQuick.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with very long lines (314), with CRLF, CR line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):94321
                                                                                                                                                                                                    Entropy (8bit):5.032666661993892
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:JR70Tv04Gknkj+EFEqKEqxEqYEqNEqiEqMZ1TLE56E3NSE+NM8xVAVj/1O1Tz1To:JR791J25Evk
                                                                                                                                                                                                    MD5:99436C7E7BE27A413EA4DC9C8CD6E5A5
                                                                                                                                                                                                    SHA1:AB28037C1BFBEF6C97766FD9942FCD7DD216ADEC
                                                                                                                                                                                                    SHA-256:1272F4BE16E7F67F25292DB2489888ED8CC6F1A87D2781C0833DCF97DFA05FA2
                                                                                                                                                                                                    SHA-512:4CCD0DFDDCE84E33157F936310BB469E4B8A46B5E4B2292A2F2B84F0D74815D99AA90FFCF0015851C521BB19EAE091517C3C8BE2F9ABA0D205932A6B512E65D7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtQuick module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtQuick3D.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5694
                                                                                                                                                                                                    Entropy (8bit):5.06152388938038
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:DQ+rzMoTt6/pT7BV/6haFQ/3G+Ya+FQ+Fp+Fl+FI+FB+FmH+IFzQvZ4iGR0+oWYX:sJPXKWfSmi+AB
                                                                                                                                                                                                    MD5:F8EF22B3DAE8A3D46633AF6BA95FC86B
                                                                                                                                                                                                    SHA1:DF6354CAB95326781D85716053834E0305AE2DCA
                                                                                                                                                                                                    SHA-256:E44987E9AD84D12ED394F11644ADE63D05848E5DEC62EDF5C1F816A754E1B1AF
                                                                                                                                                                                                    SHA-512:B2F484D25AF343C243DCF185DAB1547BE78F2CEDD1FD30F4FC9558591F8C36C611C061796086765A582826749D85E0EF567B64E519F9F53C981604CBA45A9062
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtQuick3D module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCor

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtQuickWidgets.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5205
                                                                                                                                                                                                    Entropy (8bit):5.1499975332010255
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:FQ+rzMoTt1kJ/4MAI578GJckNsNMbzOo26uq:C5QM9ckNsNMbzZ2o
                                                                                                                                                                                                    MD5:3F73154D4024B9150A11F6E7D7EC8987
                                                                                                                                                                                                    SHA1:42B7ED01AD838A20D837680AC1C2C8056D0F7C73
                                                                                                                                                                                                    SHA-256:F51C144038DE8954F1155D64858DF450A786CFA0A56D3D7B2D99E4386520CF81
                                                                                                                                                                                                    SHA-512:1E429C2DDFB77714286C5E07608DBA98396CCA32D5F02EFCF84FB185D8A7B5D1898A8BAF7D48342B52A8C427369385A436492DBFCF99D573496AA9424752B2A7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtQuickWidgets module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtRemoteObjects.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9713
                                                                                                                                                                                                    Entropy (8bit):5.037952296677492
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:6ecoBLo5MUy1cpks65q5LzcMacZc/P1leLoBEE7/pLjnT9XNVcPD01c6FxVExscM:OCL5eDaUwXNVesfR3uXuy+n
                                                                                                                                                                                                    MD5:9DBA0D943E7B7ED4B5332843885A895D
                                                                                                                                                                                                    SHA1:AEFD95D16F1A47B39562F0D31468E04246C41944
                                                                                                                                                                                                    SHA-256:4DFECD3C34F0435CD396ABEC72C6724E873A6CF03BB5F3E34A238F74DF711E26
                                                                                                                                                                                                    SHA-512:CF2C489A5BF45421A994776ACBB66C6DA4EB85310448E0F7331B14C154875B7A936885C12E00A28A789E2A58D62D928090D7F2DC1474DD07A2043A9653CB12BD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtRemoteObjects module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtSensors.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):21995
                                                                                                                                                                                                    Entropy (8bit):4.960948031686204
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:7LgdC3K65bwVmlbGrhJsO4INy/0GcOuYH3UrNr6v8RV0bedxqsn:7LVKYNO4INy/0GcOuYH3UrNr6v8RV0bQ
                                                                                                                                                                                                    MD5:903F99DB861617FCAFE92E2A38A01041
                                                                                                                                                                                                    SHA1:F6E4FC589427C6AB25599FD44CE7CF551564D900
                                                                                                                                                                                                    SHA-256:D9FCD545246777C829BF7889C644D03F5DE481D07EE7A04E8161D71391AD73A7
                                                                                                                                                                                                    SHA-512:D164066F3B0DB637D9E898E9F14FDC453512C3CE723C19D03F0D4AC5952E415C12FB1DC86A23AC967FD209A7A01086814E069B695F3FB73D4CD448B0E06032AE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtSensors module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCor

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtSerialPort.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):12820
                                                                                                                                                                                                    Entropy (8bit):4.912132590676314
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:VewYCb033MDLLkSX2QNyoslSnO38MLpFhEFh2IDDSBEUBS:PYCb033MDLLkSXBAAfZ
                                                                                                                                                                                                    MD5:B7903C0B12A83E8D81EC038C9EDB0B8C
                                                                                                                                                                                                    SHA1:E8C6110A3D27B9BA9D2BBBDAC1021E4537CFC72B
                                                                                                                                                                                                    SHA-256:12396CB4CE078CF2DBD45EDEEAAEFA35DBA2938883F6484F236787E8E50A1C96
                                                                                                                                                                                                    SHA-512:7D8EE4B62A37E58F5862A6067C9476A2BCC284AEB8F765594545DFB944066640875C3BE7D153739006CA8D5EC03EC5DC8D78032D3D8F945CCD6BDC2F01BAEED2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtSerialPort module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import Qt

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtSql.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):32373
                                                                                                                                                                                                    Entropy (8bit):4.941939889619284
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:EfO4d+Rhrr/A+AoI5zAmB1zowecKynTosaqE2g1xd0QDudkbcnutO:k0n/A+hI5smLo+K0BGNxd0QyT
                                                                                                                                                                                                    MD5:5F7173E1FF4DD35C0C776766F2175714
                                                                                                                                                                                                    SHA1:C2454C41B30C926505120CA8CE783A9F1287D33C
                                                                                                                                                                                                    SHA-256:97821529CA098F74BFF89CBA08DDA03C7B85354000D6D356291442C5E8B5FEAC
                                                                                                                                                                                                    SHA-512:81AA806B2260FB98082031408F72F436CCE3AB084A4F111777179BE4EE828464DC8E0E17422D1F97F93657CBD0B6D4F8778A83B82AEE66A6B30200FE6F5B1DB9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtSql module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore..f

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtSvg.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6756
                                                                                                                                                                                                    Entropy (8bit):5.06031973303669
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:75Q+rzMoJ/smjbozd6o06ohBIfurLQAIFhwXDuIueKlXfomGYbjb/EXe9I+DPdA:7GiToB6o06ok8QfPojr
                                                                                                                                                                                                    MD5:E138C39B94E2298AE8939265EA28C9F4
                                                                                                                                                                                                    SHA1:25B7268CF0C1CB375D05C9AA39929EC91D868B26
                                                                                                                                                                                                    SHA-256:7F0F276D3F17A981048A6C6165B7403BF2E433F5A5A2CB2D9077A449ED9AEB80
                                                                                                                                                                                                    SHA-512:C4880FCD609F0074CEEF770C9974634CFFF1C1F166469A9A2D653F20D4D39E0B2BB0CBD359E195E44BB6014FB9401E557644802BC97AF577B49A073B2D27B6BE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtSvg module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore..f

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtTest.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):12275
                                                                                                                                                                                                    Entropy (8bit):5.015337159407925
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:eidHpEdUDrEd2EdGEdIEdG07EdVEdBEdLEd/E2EbEkELE0EBEKEkE7E6EVEvESE2:VEd2EdGEdIEdG07EdVEdBEdLEd/E2EbC
                                                                                                                                                                                                    MD5:24E8FB31B7D6B8DFE43D819CB8D1AA8D
                                                                                                                                                                                                    SHA1:420C356FA1CC5AC0F1D00DC4463B7A5232A5491F
                                                                                                                                                                                                    SHA-256:5DF9599FD28AF3ED9BF4D1F16DCEA8143C4E45D9670E5162B2EFA4F00F39F0A7
                                                                                                                                                                                                    SHA-512:5C210E58D8B542AA626DEE49B70692A699D851CC139F8B96D7B0AAD6E7F0047B9B450E2654CEEC1A26546594D9DD5986AC9283A8F404D8F5EA7E613C645B54BD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtTest module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtTextToSpeech.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3875
                                                                                                                                                                                                    Entropy (8bit):5.027750253690006
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:KCn98WQ+zPv6y9Vc0ppnBW63/MKKRyby/yzL6cOzBTN46+Vd/hxIAd1HGtQ1LF32:ZQ+rzLWQXy6dpiNhv+TExaflhW
                                                                                                                                                                                                    MD5:A3139DC8DA4CE6B127868567FFB2D187
                                                                                                                                                                                                    SHA1:D62F9686D2B9E72CE61238EBC2EF1EEBCA9A2CD0
                                                                                                                                                                                                    SHA-256:18056DC9429F0D27E9456BDF0E49EB07E292BDF1B3D4D741C59F968622D42F98
                                                                                                                                                                                                    SHA-512:817589393604966911A143E726D0EAC3F6DF2E573E540628827B9C5DCDE6EA1910D2E15DB37F8E23A3D5199814796FBADA09ACDAB3C142C16D15A758FAD1B4B3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtTextToSpeech module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtWebChannel.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2587
                                                                                                                                                                                                    Entropy (8bit):5.207600000477432
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:gn98WQ+zPv6y9Vc0ppnBW63h+6YjLeQXFywaywwqGwdFk+6Jf4:gQ+rzL4JjLeQX9o7fBg4
                                                                                                                                                                                                    MD5:578931209938E053D9FDC515983FF9A2
                                                                                                                                                                                                    SHA1:7C0450C5B6EB23D569F0875AE7FBD29CA5C3DD06
                                                                                                                                                                                                    SHA-256:D97DC265667BDC62B88544B73125126D915C545AD22AA6124E68F09DE80A8973
                                                                                                                                                                                                    SHA-512:5F13DC372A42784333911005DB18C3A7930904623D40336AC3ACA05DB0E10191BF120A196B6884B6692C7B7B757EEE4704B8087C0E6188EEE062EE8EA7898F50
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtWebChannel module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import Qt

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtWebSockets.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):10204
                                                                                                                                                                                                    Entropy (8bit):5.016476288539208
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:yAFoDmSnMiaZEa7+EJj+9ZfKf0fGqfDf9f2f3fSf9fXf/+fZBGqJ90Jox:noxaSAZ+9ZfKf0fbfDf9f2f3fSf9fXfi
                                                                                                                                                                                                    MD5:4FF86EC29159D2EFB6398BD554CD9AAB
                                                                                                                                                                                                    SHA1:386A4058E80F49FD61B77308DA142B0D93A07689
                                                                                                                                                                                                    SHA-256:EA5400870E58E037AE83AC0DBD1513EE65E527E240E17B407DBA5081FFCD9192
                                                                                                                                                                                                    SHA-512:1D925EB880C24EBB042926955410E4B1F062B71DC9911FC3D27E276CC6DE58A47FFD4138FD77C6EA7AE7C2A56CD694321840C5B42B1CCF5D4C2C46FCBDA623E0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtWebSockets module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import Qt

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtWidgets.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):587886
                                                                                                                                                                                                    Entropy (8bit):5.0030759619457585
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6144:SpawJCbDnILvizVu+UqmLVbLxjpcQML1PDx:ZVPU4
                                                                                                                                                                                                    MD5:C6138CE3A0E50F37A070034B6B77649B
                                                                                                                                                                                                    SHA1:0FFB2191730C8BB04240ACEE102E1CA58666BC73
                                                                                                                                                                                                    SHA-256:1A2862CF9EDB9DFE47D95AACA46003AAB29F629D8B8D70950F741177DF85F535
                                                                                                                                                                                                    SHA-512:26AA7445F99E643E7B7FA1B901DAE893E22D1C985AC335230A30C358077F35461F5CC096C117F7308AA9C33087E6BFE7D7EC56F11AF85130B2C39F6C0816E684
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtWidgets module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCor

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\QtWinExtras.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):15183
                                                                                                                                                                                                    Entropy (8bit):5.077387695983443
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:GQ+rzMoJ/pACzhmzoplhUzuE8WA1AqzA5zA8zA3zA0u4jtX220bs1UxKeQThsu6n:tihpSObzWztzczBs/Arw5KA
                                                                                                                                                                                                    MD5:432866EE3C2910D70D3F239230FCCA8E
                                                                                                                                                                                                    SHA1:DD56DDDFAB83CA7896748EC55B7E314CDDEE560D
                                                                                                                                                                                                    SHA-256:6CF6566B5EF43670E2691C0B643BE104815BAFEF91031D3E05267A7856B0D5A0
                                                                                                                                                                                                    SHA-512:8D6BFEF5C8DDEE9B6CEDA287173B68BDC5D1D61AC4CAA12A592DE476B7CD6F74D0FA09C9CAE8605060C09140323E2E3DC7853C3BB9732B44D4520EB5DFAD27BD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# The PEP 484 type hints stub file for the QtWinExtras module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtC

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtGui\qtransform.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5217
                                                                                                                                                                                                    Entropy (8bit):5.052015838102628
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:ATszAo/JGeKXngigABqJKT3OijrYHRYelmMp3+YRnQAFYvdgwHCRJG:KLo/JG/Xng2bYxYelmG+YRnQyYoJG
                                                                                                                                                                                                    MD5:36CFFC1B4EE2B7CDF869C6578D3F2EF7
                                                                                                                                                                                                    SHA1:7EB318A801209FC142A7E8BD1E790792FF4F5411
                                                                                                                                                                                                    SHA-256:22C0B829A7D529CFC68D51DE516214B7BFD1ABB6000934CCEC272B1624987D05
                                                                                                                                                                                                    SHA-512:570F3085E055F1B1B65A107FEA38E863D952F89C449151E67744B9FE2BE70DC273C4FDBF7732C943A160A7D35D0F04B31F4796A3719C5D06EBDC1F832A199DC8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qtransform.sip generated by MetaSIP..//..// This file is part of the QtGui Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%ModuleCode..#include <qtransf

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtGui\qvalidator.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3939
                                                                                                                                                                                                    Entropy (8bit):5.085081677203163
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:raTsz6eAv8VpR83h7woX9OGRz94hpcP70GRzacgU1hJsn0GRc4hMHD/GRi:4beAv8VpR83h7w24GRz94hpcP70GRzai
                                                                                                                                                                                                    MD5:A5C118BD89AA6A795B03B61B9A0F9621
                                                                                                                                                                                                    SHA1:FD7CA654F86FF4B92E982E857A645DB94B34672D
                                                                                                                                                                                                    SHA-256:1A75713824734883A5B0DAE852394992413DFD4FC6D88B0F926E2325BA7F0CAB
                                                                                                                                                                                                    SHA-512:9C107846177395CA1FA0349298AA7C6A6ACAA46071624E05A6D4B2260342B7E49C674000BABA19ED8FD0A6E51547C002FBD4D80522F345710D96226C33265133
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qvalidator.sip generated by MetaSIP..//..// This file is part of the QtGui Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QValidator : public QObj

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtGui\qvector2d.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4173
                                                                                                                                                                                                    Entropy (8bit):5.15372230103185
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:X098RszhJhxfgyA5KFl7AXlaa/bx/aQ6QF5cPg152OOxSSgmdofKZSE1u1iDtIBX:XTsz/SY9A1dTpNMrhQKGpNQpFY8U
                                                                                                                                                                                                    MD5:F075A485C883EE2A58FE010C0D92A72E
                                                                                                                                                                                                    SHA1:941C6D473DE3DBC4328FA221751037ECB8DCC452
                                                                                                                                                                                                    SHA-256:3B0758F50F1CE8A4428FD3538744CA89380A10C9A7BC42857ED8EBBDB3E73B68
                                                                                                                                                                                                    SHA-512:55D148394B2C4B6D31A883678A25B53874AF835064DA7081249FAB5E902204B77C57ECA1A57065F48D2E50A0F4E09722B5FB8DADA6E865BBE17FC5D13F2CDB84
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qvector2d.sip generated by MetaSIP..//..// This file is part of the QtGui Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%ModuleCode..#include <qvector2

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtGui\qvector3d.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5245
                                                                                                                                                                                                    Entropy (8bit):5.124295298401552
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:8TszD7JFNh0BMWjriMUdgMrS4bnbPQKFY7U:WW7IsM/T4bnbPQwYg
                                                                                                                                                                                                    MD5:61BE3E5835B0839FDEEAE04420F8D758
                                                                                                                                                                                                    SHA1:0FFA28D4C41426599BA2117F8169DA41578C64B7
                                                                                                                                                                                                    SHA-256:2F453AFC2BB28E2F210C37930B8A755220DD2E6776C2C2DF3B7CA9543507C620
                                                                                                                                                                                                    SHA-512:160A5DE412BD6B98596F1BD50323AB7B7FF7BDCEAD516C2CA5D9D563B8363D43AEB54EBC0A8B1DBD8BF15A457B26D540BB4C3D602980D622003F5712B2614026
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qvector3d.sip generated by MetaSIP..//..// This file is part of the QtGui Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%ModuleCode..#include <qvector3

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtGui\qvector4d.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4816
                                                                                                                                                                                                    Entropy (8bit):5.1504665437076484
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:x098RszhJhvZKyAp/rgBXwOX7y/ajR/LRx3cCaQ6El66Kv0cPgk6O152u58emPSn:xTszDwmAOAO9CVDkrLoQkhZQnFYWU
                                                                                                                                                                                                    MD5:3C393367C579C03B754BE89CA719E3D9
                                                                                                                                                                                                    SHA1:FF8A3FB0D2526C3DF8764888804D557CC20C8799
                                                                                                                                                                                                    SHA-256:F236141F8E20C03A428447019A6DEDA413A98D96D63EE0BDB792404BCF4F3359
                                                                                                                                                                                                    SHA-512:19C6006689B6AB21818BE266A0184A22E1E1A4BEBD69610880D5C75320DFA6361DCA2A3C1A0A99671A4BBEAE3172AB7740C1614DAC7F8A0F7008841E29116FA0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qvector4d.sip generated by MetaSIP..//..// This file is part of the QtGui Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%ModuleCode..#include <qvector4

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtGui\qwindow.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7637
                                                                                                                                                                                                    Entropy (8bit):5.012482123059047
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:qSMk92zG5OkJjs4g+HRqRK8XihD5vx3GadzDn:7Mk922O6js4g+xMK8XihD5vx3Gah
                                                                                                                                                                                                    MD5:CA419C0580DAEC33C1F210E9D1403E0A
                                                                                                                                                                                                    SHA1:EA837B2520EB824F0E24E1D43E8737EE383D3E1F
                                                                                                                                                                                                    SHA-256:DAF0ACDF2B7124BFF6B3520824635A1484E67289D4D27F26809E413ECF2DF494
                                                                                                                                                                                                    SHA-512:0FE2ACAC37F76D0E62E666FE2CA41446DAC367A856B2B0086336F17C69BB78996DBB6092072F20BC6FC0F968BD439EF39BCB7FBED34315FB776C0CFCDB9CF7F0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qwindow.sip generated by MetaSIP..//..// This file is part of the QtGui Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QWindow : public QObject, p

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtGui\qwindowdefs.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1033
                                                                                                                                                                                                    Entropy (8bit):5.0933078553483355
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:jG8EyD9wFX0dJxnOILsBIYFCIX54B++NDK2OsjbojvEZRURuHahLs2aRHAUDOkkX:yyK098mXIpmNDzVZRURU2SnOkD+v
                                                                                                                                                                                                    MD5:49BEC1CE91CA126D0DFB037A441EB10D
                                                                                                                                                                                                    SHA1:7268A985590F8FDF70C35B1A3818421DC8EFD6E2
                                                                                                                                                                                                    SHA-256:A2BF042C4E7714EF8BFA83D3C40831AB27E21DA5B8E9A1850144090C3050E9DE
                                                                                                                                                                                                    SHA-512:6BC72FBF9863AF648D5DF9AB95B1FD6168AAE7BF14D95985DB20D02CFA23838153F39FD377DEEFC3A4E29C840EA1607BF8B20CC7730144A3CD70FF45A2A5AEFA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qwindowdefs.sip generated by MetaSIP..//..// This file is part of the QtGui Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......typedef QList<QWindow *> QWin

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtHelp\QtHelp.toml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):181
                                                                                                                                                                                                    Entropy (8bit):5.098831449919977
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:SZ3GMiyT8QQCQIMQDKNpsQ1MKxwehyIWWMKxtHO+Cm4o6Mvk/dkC1WiE4yn:SZDim82QIRGGWNthyIXo+Cm4o6Tdk6An
                                                                                                                                                                                                    MD5:CBF29E3A5897E99A1876EAC0D9F19EBF
                                                                                                                                                                                                    SHA1:A6F165925EF5C8CD372EBCA947D855E04219847E
                                                                                                                                                                                                    SHA-256:008F6D5AEE858D11CB9FBBA039D78A823286243745357104F55E6A6C770C3187
                                                                                                                                                                                                    SHA-512:03935A643EA42E95E2320417815FBAD01D14C91FCB3B172E68C4E2618516E23E010A13A6EF671F1BD3DCAC6F764FD7151E005B20077169FDBADD009556462399
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:# Automatically generated configuration for PyQt5.QtHelp.....sip-version = "6.8.6"..sip-abi-version = "12.15"..module-tags = ["Qt_5_15_2", "WS_WIN"]..module-disabled-features = []..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtHelp\QtHelpmod.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2402
                                                                                                                                                                                                    Entropy (8bit):5.142853836169494
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:7098RszhJhKX98tAzhAS//OetFgfhP+R1oE6s:7TszZAleetRj6s
                                                                                                                                                                                                    MD5:84C36E0CA6002D15B1B035B3240510D2
                                                                                                                                                                                                    SHA1:B5683CEEC59018D0E2612BF5665BB86170A2FF17
                                                                                                                                                                                                    SHA-256:B6C1C03BA008FF799B7F180CC085B853589E03DD164A916D456D2B83B30E005C
                                                                                                                                                                                                    SHA-512:507F1E90100BDD4DCC95B9783EC2461F1652FA733FBF624F080004D307659DC6B6BBC90DA4606F2C519B9167A40A0EABB1BACB70B99F016CFE5311762D4EC54A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// QtHelpmod.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%Module(name=PyQt5.QtHelp, key

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtHelp\qcompressedhelpinfo.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1522
                                                                                                                                                                                                    Entropy (8bit):5.165630345398623
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:nI098mXIpmNDzVZRURU2SnOkp7MDYOfp6NnZu0ZCAckPXDz:I098RszhJhposOh6Nn5ZCAckPXDz
                                                                                                                                                                                                    MD5:1850EAC98AF606F985A1923AF9E4BA14
                                                                                                                                                                                                    SHA1:2B49179EAF4EF619C4943DEB12170FFBFC416639
                                                                                                                                                                                                    SHA-256:56AB3B11AD900C53C134D5BCBF1F929F54A1102C410F7AAB674018B9FC4C6A55
                                                                                                                                                                                                    SHA-512:8E1A4037147E9DFA642B2048B7011E1473F84A469E3C494919D3FBB42D7F1FFA7AD258661A3C27BBC00E55D8CBA910719E70C34F1B32FEADBD2B7ECC8A38358F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcompressedhelpinfo.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_13_0 -)...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtHelp\qhelpcontentwidget.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2438
                                                                                                                                                                                                    Entropy (8bit):5.072984873889959
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:jOD098RszhJhpB0qyKLZZneUs6t08qSuSQQqEQag8QmQ+Q48595q1vaMv8t:jODTsz/BmK/ad+NbqnagPlNnaSMkt
                                                                                                                                                                                                    MD5:4911F68D2A0420ADD02A7826B34A056C
                                                                                                                                                                                                    SHA1:B3A2E7AB2A14B3C37FCB984988D9C83243A1ABF0
                                                                                                                                                                                                    SHA-256:8D6DD35A98A68CA9CC56014F93C02A5B551C3609D4EDFA84A5FD75F2D63702E5
                                                                                                                                                                                                    SHA-512:F9978D28E9D3868A8669CB9251E005B16CE2E97EAC19816B35A0EF6A6A92EE21EEB3F0E079533E61F3CEB0D9354F53E5FB83EFFDB6B9B85DE12A619358A4DEA2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qhelpcontentwidget.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHelpContentIte

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtHelp\qhelpengine.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1405
                                                                                                                                                                                                    Entropy (8bit):5.146185266603026
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:jLNsI098mXIpmNDzVZRURU2SnOkTDi8WzLEnYEs9SWvWGp7k:jL7098RszhJha8Wzg/s9xOGp7k
                                                                                                                                                                                                    MD5:FF2497959813B7881533105E00FB5879
                                                                                                                                                                                                    SHA1:0A28D9634F86A16F949E736D894C0C20F36FBC81
                                                                                                                                                                                                    SHA-256:060528EA20E692D079F569FD867C1778EC66F038D0B6036C60A75AE2663BB867
                                                                                                                                                                                                    SHA-512:A296AD789149452A1BBB79FCF06443227CC9B3B2262E66A5C5A62C0FFB4AD636B116197A4C335EFBAD11932E8626CC920A5B16502E11345A2E4C4471ACE3D3BD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qhelpengine.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHelpEngine : public Q

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtHelp\qhelpenginecore.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5476
                                                                                                                                                                                                    Entropy (8bit):5.121641418452089
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:jATsz1A8FN+gblHsUxqkd8Et8HibKgNg0yUYSrqMNOdVgiU3+u7OWn:jKqA8FNfhHsUxqknoimgNgCPUdVg1+in
                                                                                                                                                                                                    MD5:59AD7561C93361335E442FE1559E5F0A
                                                                                                                                                                                                    SHA1:BAA33D71D021A981B8F58CD068ECE8BDFBB0A70D
                                                                                                                                                                                                    SHA-256:4401E3CB5E3427B91A2F1E1FCBFCB7AF728EA88D492D2C838E211CE95868696C
                                                                                                                                                                                                    SHA-512:616F04CC6B21ACDCCF1C279E0B1E6F2AF139D1AB95B7476E58E2CD65F8E133925678B442C7B4DFD68169BBF3B24B41317B4F46F98E62592CB5597243B403E14A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qhelpenginecore.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHelpEngineCore :

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtHelp\qhelpfilterdata.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1498
                                                                                                                                                                                                    Entropy (8bit):5.161218602683952
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:jTGI098mXIpmNDzVZRURU2SnOkpQ6cM164QIf9Y4ZWdpBzjS:jTb098RszhJhpZcs6Qf/8vBzjS
                                                                                                                                                                                                    MD5:F1C89D802022D9AAEE1078CB788D6264
                                                                                                                                                                                                    SHA1:C52A8D56D4C66104EF7C58CBA789C6ECAD60FD18
                                                                                                                                                                                                    SHA-256:6C7E46A8B288892FE6190BEA0F2CB42D824E558BA670AD0F30C14922FC76947B
                                                                                                                                                                                                    SHA-512:944832D54EDEADDBF5DC0800B8053D8622755C918D060F7A1188DA6EAEB0686D12514A8C3A9313872B17FF7E75CCFDBD41A0317BDB36872E32CF190E30594BCD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qhelpfilterdata.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_13_0 -)....cla

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtHelp\qhelpfilterengine.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2051
                                                                                                                                                                                                    Entropy (8bit):5.157925253456421
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:jTV098RszhJhpRG5pMZ+ZX4DanWVKhoWIs31MrA1MrCDz:jRTsz+AyIH8oHNrlrCz
                                                                                                                                                                                                    MD5:E142C34C65A19BE9B0772E8EFB3398AE
                                                                                                                                                                                                    SHA1:3EB1F6C30F59408AEE57082A6DC3794EFE8936B1
                                                                                                                                                                                                    SHA-256:FC86939649134B5C16FBBEE140255272D6E288ED393AE69CF785188482E871F3
                                                                                                                                                                                                    SHA-512:2CECADBA0BBAD1E9A79AF65BA5FB23C907276D7DB72619E3BCA709FA65B8822EA69BC775A0DDB10DB9F1BC3822ACC667F0F8698AD6C0DB69CBB0E1D34D6C00BD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qhelpfilterengine.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_13_0 -)....c

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtHelp\qhelpfiltersettingswidget.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1529
                                                                                                                                                                                                    Entropy (8bit):5.1519765915840585
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:jT++I098mXIpmNDzVZRURU2SnOkpOB268qrsWjGDYO6ZBdHSS:jT+D098RszhJhpsX8qrTja6MS
                                                                                                                                                                                                    MD5:CCC617AE83F06EC5E71EAB1C18F0F3ED
                                                                                                                                                                                                    SHA1:0AE0BC8767492CED737AD8E1B147EE9FD9EA4E47
                                                                                                                                                                                                    SHA-256:1C6079ED5666E33F402D338FD3662CDB038861B764E2BA0DD18B8843A772711A
                                                                                                                                                                                                    SHA-512:A3B5AB7A58F7B6C087C9C3FE91E87D109282A603D7F2C3BEDE841A67F0B7D8C1A33F82D58DF62B33AA73FB8CA28CDD96D95AB61C8A337821E8AB5EDD7CC5DA1A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qhelpfiltersettingswidget.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_15_0

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtHelp\qhelpindexwidget.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2219
                                                                                                                                                                                                    Entropy (8bit):5.220240467758467
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:j/D098RszhJh2qkcsZP2BcowqAM8x9TUjMC0NS:j/DTszQkAMa9gBMS
                                                                                                                                                                                                    MD5:DE094961E78CF1A8C8810D8E1B8402A2
                                                                                                                                                                                                    SHA1:3555E7067857DAEB0EF3DAD9907222F33E461F93
                                                                                                                                                                                                    SHA-256:AF61D3A110CC62999FE4647B858E86BB6FF789400924C2DB81FEB2365B0ABF11
                                                                                                                                                                                                    SHA-512:C0A8B624BC985350A413C26E4F0599D6745CEB26904B771127F13A9B1FDF7EADBC80B7BD71393536FCA9B93D12BEABB40B964B492F42553BD20CB190C12A4867
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qhelpindexwidget.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHelpIndexModel :

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtHelp\qhelplink.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1108
                                                                                                                                                                                                    Entropy (8bit):5.1579682694754485
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:j3PsD9wFn0dJxnOILsBIYFCIX54B++NDK2OsjbojvEZRURuHahLs2aRHAUDOkkaj:jPsI098mXIpmNDzVZRURU2SnOkpfD82T
                                                                                                                                                                                                    MD5:CB6CDA865D8035A7E5A5F2741C6A8F7A
                                                                                                                                                                                                    SHA1:60664DE010D6BE9B2869BC19C6574E811204B814
                                                                                                                                                                                                    SHA-256:1CD7255DBD2AF9161C4F69586364A81245062DBBE1410804F0AEA3ECE288F5B4
                                                                                                                                                                                                    SHA-512:0FAF07D95F4B3740B85FADD60E4E7743B5BA2F17037B4946DE5AEF8B6440906126EE0FD916166006CCD4C9594CCC6FA46FF045F1461297E3D019E96CA9ECA221
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qhelplink.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_15_0 -)....struct QH

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtHelp\qhelpsearchengine.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2821
                                                                                                                                                                                                    Entropy (8bit):5.170141189364538
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:jn098RszhJh57afvddCWbKkpqA0upuOi85G68F/6+MjK0ff8/1z8WV1H+EBMyVHi:jnTsz2fvYyqAHuOLL8FA+k8R8WX9w8p8
                                                                                                                                                                                                    MD5:FA54167385C728A80A9732F22698CC4D
                                                                                                                                                                                                    SHA1:E1937B0A8389681D415F2CA42C2231ED78BF4D3C
                                                                                                                                                                                                    SHA-256:DF70609314943D0246095C140BC617A42F9E2FEF0B5CFBEBF693224C12A079D7
                                                                                                                                                                                                    SHA-512:A0A3C1D6A4A32C9F60A6FF9DA413A23B2A266CEA9F9D4584661A890D1BD62981F83B296D4217096FB448BD021889335C2D32299F9B64FBFA56400A36ABD53CCF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qhelpsearchengine.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHelpSearchQuery

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtHelp\qhelpsearchquerywidget.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1921
                                                                                                                                                                                                    Entropy (8bit):5.258219728656808
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:jPD098RszhJh56Jqk2r+0qNjK+H5WI/Dx1BH+E1wxyn:jPDTszyd0O++H5WI/Rtn
                                                                                                                                                                                                    MD5:1AF556D70BF4791C632C018C3704EC9E
                                                                                                                                                                                                    SHA1:93E28791B4D06F3B024090EF408B2028F2AF260C
                                                                                                                                                                                                    SHA-256:FEAA9FCB921DF8755E5737CFD5C676FA69D39F511B844A87FF5DA84A553AD6F4
                                                                                                                                                                                                    SHA-512:CDC226615C38A18A0F4B08B78E7152D99DD77969D5C575D263FF0A116021A1B9E25EC27D5309D3C843561F4E6543F6F83E978475B467B6D4B71E4C576E4FB0E0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qhelpsearchquerywidget.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHelpSearch

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtHelp\qhelpsearchresultwidget.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1264
                                                                                                                                                                                                    Entropy (8bit):5.145696436683309
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:j0+I098mXIpmNDzVZRURU2SnOk5689JfZqSR8hWUzsKLWBu:j0D098RszhJh568RqSR8QUz5iu
                                                                                                                                                                                                    MD5:974E9CE0CF9CA7952E815A55F9A68483
                                                                                                                                                                                                    SHA1:F288F690D1AD33943733DAE90F7E595EA91FA394
                                                                                                                                                                                                    SHA-256:C822D6534B5844697653EB37903F51D1ADC4D8843E324C508AB44F3409173F51
                                                                                                                                                                                                    SHA-512:168143BB0FE8855C4C3D499296FAE04BC7225CF749A013DBFA6C6DDDA135702CB0EB5D3A2540158813CF7EEB0D60F9B8F936AAC4A4863BAB1DB8906A93CDDCE4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qhelpsearchresultwidget.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHelpSearc

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\QtLocation.toml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):185
                                                                                                                                                                                                    Entropy (8bit):5.083394086980918
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:SZ3GMiyT8QQCQIMQDKNtb3wvAMKxwehyIWWMKxtHO+Cm4o6Mvk/dkC1WiE4yn:SZDim82QIRGrNthyIXo+Cm4o6Tdk6An
                                                                                                                                                                                                    MD5:EF43E892D81991DDD41F161AE5D5572D
                                                                                                                                                                                                    SHA1:4EDB922000AE14559550B71D959FD8A2E3B6678C
                                                                                                                                                                                                    SHA-256:7876534470F1B1F5F9C7DC7F09087E9818FC446B2627A76D4F9835203DD48FAE
                                                                                                                                                                                                    SHA-512:3C2BA6995B4DC11DC0C52470B0A269D1AA512EB8E322F72C9BA1A00B3DE4E973972F0EAB8B49A20D623B125918AFC45D5EBB81C520A3B6323B27F4D1356734FE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:# Automatically generated configuration for PyQt5.QtLocation.....sip-version = "6.8.6"..sip-abi-version = "12.15"..module-tags = ["Qt_5_15_2", "WS_WIN"]..module-disabled-features = []..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\QtLocationmod.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3199
                                                                                                                                                                                                    Entropy (8bit):5.062937126941617
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:z098RszhJhWt98tAzhAS//Ou7euOElnLNHroE:zTsznAleeJoE
                                                                                                                                                                                                    MD5:1ABCA352AD3DFD294CA49752F8BCC3B3
                                                                                                                                                                                                    SHA1:9546281EB74C515B497B14C6E8A9DD39C10265A0
                                                                                                                                                                                                    SHA-256:01D6B0A30B9D2F48C4362A0C0320BC995A5DE35C39043C293FDFF846B98560E8
                                                                                                                                                                                                    SHA-512:21031447221DFB155B6A796E4423D83B3749C05C1B5FE456EFB108CEAAA266E629C5A1F6A19C17B878B16D0E31FB0E4DFBC9594CCA85BA0D35544FC9CAE72EDF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// QtLocationmod.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%Module(name=PyQt5.QtL

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qgeocodereply.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2416
                                                                                                                                                                                                    Entropy (8bit):5.0866506152227435
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:+098RszhJhprAvmBWNzypH6ZUagmpd3DHQe5CXy9+rq4uU:+Tsz/Aaoy5uUaBU+CAh4uU
                                                                                                                                                                                                    MD5:38D0FA13F9444655607001AA621E97AB
                                                                                                                                                                                                    SHA1:701D3D83C47E89E26531B859FFE18659DA34ADDB
                                                                                                                                                                                                    SHA-256:301A5BE52F1ACFA2F0EBF77D433935BF719E37C136CB8EA9147CCA1CA790D384
                                                                                                                                                                                                    SHA-512:DEBBB4D4DB895F40E0DA52E637ECC615A928F84B7FEE059F1E36BB9EF2158F5E86155ED5ACE9B8CE8ABBF30EF32483572E13B59BD8AB9EB50FEF2510B3260966
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgeocodereply.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....cl

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qgeocodingmanager.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1835
                                                                                                                                                                                                    Entropy (8bit):5.151360124505369
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:A7H098RszhJhpQ5qSFdCUALTCGcLQeGc5OGDwce2JaCxb:oTszarFUJLT8LQsQOaCd
                                                                                                                                                                                                    MD5:429BAE8C75FBEAA80EE51DF05D390428
                                                                                                                                                                                                    SHA1:25484185E0EA5B071FD199F6233BC8C4F40697CB
                                                                                                                                                                                                    SHA-256:C362968FC30497133D3FD56A63A65927B2E5A3A424E08B2F09F6F1246D160A26
                                                                                                                                                                                                    SHA-512:74FC4BA15817EAA12F736A272204539642D5A33CF481FF7F7C933A6394220D04FAE067111740BFE5E658443CFD49062E89CA2880B11A09AFDC8523C02F70702C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgeocodingmanager.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qgeocodingmanagerengine.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1907
                                                                                                                                                                                                    Entropy (8bit):5.13076996043777
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:At098RszhJhpXAAqa/KzdCUQYLTCMYLOMY5O7wce2JaCxb:CTszrA8KzUXYLTLYLX8BOaCd
                                                                                                                                                                                                    MD5:E049E6FE1A9735E1737D0A60978BB754
                                                                                                                                                                                                    SHA1:1006DE2CC1EF5ACDA7BDE3B9A4189EE169CC19CC
                                                                                                                                                                                                    SHA-256:360DC9C224334B11FA8576897D308BCBF51E6D84BA9FBCCC6AFBB76582BF3F12
                                                                                                                                                                                                    SHA-512:4549E90E8947D64000EE703A884AE82FFE168A9AF37EC519A5052A66B13C4863A6D0A1DD8AD3EAE31483612E678A87EDD4B1B0AF50B5451D07C418466B4D8083
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgeocodingmanagerengine.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qgeomaneuver.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2469
                                                                                                                                                                                                    Entropy (8bit):5.00032570040432
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:aP098RszhJhp2cLk2NMXk627BMHa15C31LJSeJwDz:QTszGk61Yz
                                                                                                                                                                                                    MD5:DC94DA057BFE795EFE04DBDC29F14D1C
                                                                                                                                                                                                    SHA1:02A8CC3E0B237BC95A2F5DF998B92A0F65A0DC0F
                                                                                                                                                                                                    SHA-256:E14E5851DC44D627300700A12345F5ED7B5481E31CCECA4F6A7720D06DF69F42
                                                                                                                                                                                                    SHA-512:C8862108A9F9AC5CC6EBEB70142C9B2275D2B2F293C189A94AB518401850DF9AA4E28E78249BF9DF7335B0E4D922E1125A20070CA8B626DED65C73DFACD004D2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgeomaneuver.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....cla

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qgeoroute.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2662
                                                                                                                                                                                                    Entropy (8bit):5.104773060985139
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:Y098RszhJhp3964pRaJoro1XiplOCBCSyD151yun1oJeDOy6Zx6b+yS:YTszp6RmgBZu6b6
                                                                                                                                                                                                    MD5:3E320903AC1DDF74DCC23678C45CAE5A
                                                                                                                                                                                                    SHA1:C45CDCFD0C616E5D83465196A70C0C6B50B8DD2B
                                                                                                                                                                                                    SHA-256:2F01DA96C4A4330ECB85E6DC2EFC7EEAB6E2AAB6C8E326B9CC411D436E873E82
                                                                                                                                                                                                    SHA-512:B7B973A64CC17C86B361BA8FB9FE37C74043EE2A885346A28D04558B3804CC8B2BC313F06D202B801F2E618E9A9C334A7CAD6FA617108152383AC8733F121467
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgeoroute.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....class

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qgeoroutereply.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2147
                                                                                                                                                                                                    Entropy (8bit):5.073084581753702
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:U098RszhJhpDAtmBWNVy3l6ZUaggdtTQejCqHhDSV:UTsznAMwyVuUaTt0iCQhmV
                                                                                                                                                                                                    MD5:119394CF7C9801759FD2D5BC086E4381
                                                                                                                                                                                                    SHA1:9424B7E8423056098B32F463E492933BA621174F
                                                                                                                                                                                                    SHA-256:F33F2561BACD5C9EC8AF85D7D9CDDB4D07A271CFE5AD34402E925B576E612BBE
                                                                                                                                                                                                    SHA-512:7572506C304440BAC4947F767D0566BFCEE6C51D8B325B330FE7B083486B5F7F264F3973799974B2D88FDA01F3E404DD001415D2DCA6D26C4D1C11ADF206FF9B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgeoroutereply.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....c

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qgeorouterequest.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5481
                                                                                                                                                                                                    Entropy (8bit):5.0753634085559485
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:RTszYFT/7jI0QP0iL816L8Mtanuap+JRyJkCJ8eJGGJKiJk:1xFT/7jDQP0iLanuapuRikS8OGGKyk
                                                                                                                                                                                                    MD5:357E2458D3728718D23323EEA7B9A7C9
                                                                                                                                                                                                    SHA1:FA986C3315AE44F87AC67A1F51FDD82A93FD9BA3
                                                                                                                                                                                                    SHA-256:52CD2FA098D1B70B3F0F14E8125C89A5D85736EBC1B312BB4044C4F65F111149
                                                                                                                                                                                                    SHA-512:F6C9FEF8842D98AB1A284FF0A32CB9415F9B8491E0FCE6C247B40E127C01CADE9C710EDB4E045DC493FB093F5F2E0FB6E13F8CD90883043B2126A1B77ED826E2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgeorouterequest.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qgeoroutesegment.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1849
                                                                                                                                                                                                    Entropy (8bit):5.091370220438124
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:d098RszhJhpo6kX6bsSBDiplCwVSy3XDz:dTszcVX6bc5zz
                                                                                                                                                                                                    MD5:D0735C065A31512CE6E0B9195CEC7E9B
                                                                                                                                                                                                    SHA1:BF3D1D9D930188CFEBA1F5C67E85AB90D714C563
                                                                                                                                                                                                    SHA-256:838EABDB10B7A7BEA89FC8775F0E36D706233D58FFF761CE3D10647F3BB3F32E
                                                                                                                                                                                                    SHA-512:245BA7E5991ACBC1393546E5D92FA2658853BD982158195C4288C645B63160A421960338E52F4039F8AB617E46672EB2CE2BFBD1EA544519B4984DCDFB7D3A47
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgeoroutesegment.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qgeoroutingmanager.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2215
                                                                                                                                                                                                    Entropy (8bit):5.097028719272747
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:KH098RszhJhpYqSXdCUUb/jXHDJfv+OHwWeczaCxb:WTszMrXUd+vCaCd
                                                                                                                                                                                                    MD5:CB19B463B9322F955313811214E29AEF
                                                                                                                                                                                                    SHA1:79AC1EBEF0B3345C16D14B9EAEA236F0214D3C08
                                                                                                                                                                                                    SHA-256:377AC7B12CF0158F9715B7CD982CBDC8CF4B1373E32584B081BF24F77A4B1DC5
                                                                                                                                                                                                    SHA-512:07706F15485D24031EDFE339776178B52286A1085A7F61136B36DB9DA4A962E2EF0F2E6B9A30C96751D48D4222CBFE613EC3032CBE2DFFBF7188B0BD4DA921FE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgeoroutingmanager.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -).

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qgeoroutingmanagerengine.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2866
                                                                                                                                                                                                    Entropy (8bit):5.0558477907690165
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:c098RszhJhpfAFQ/K5dCUQG6/jXHDJfv+OHwWeczaCea4+:cTszjAMK5UXGa+vCaCt3
                                                                                                                                                                                                    MD5:4C731CD6B10E06A0899C0F55016DE552
                                                                                                                                                                                                    SHA1:3DD76D1AB3E4E42ACD663F8CB3D670C190545E3C
                                                                                                                                                                                                    SHA-256:77F9EAC105BB0DC56AF560F6CB07C0EFC53D1A4A922874F16A41FFE9CB9C2C67
                                                                                                                                                                                                    SHA-512:2BC2A8EE0FD2B3613D25E4F56E774503DDE0AA57DF55174D015C9061E7BC11DDCEAFB9300F88AB30652ECAAA6F38F493B0BFA547E79397604454CABB592BA23C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgeoroutingmanagerengine.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qgeoserviceprovider.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7505
                                                                                                                                                                                                    Entropy (8bit):5.074782112702968
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:P6hAPiMs3efxpx/fADYBV1Pwt5wMBvgYN49WKctoG8RRxMyZUT3OL:fivG
                                                                                                                                                                                                    MD5:F360034AFBE84641751CFA77DBA877E0
                                                                                                                                                                                                    SHA1:AA44ACF4C702328C5CC4820A1EBA8A5F54D4B60A
                                                                                                                                                                                                    SHA-256:F001FA5ADC531ED42B193493F573AB2B8B7FF38B98581EAAC3E371CF2BD2A431
                                                                                                                                                                                                    SHA-512:75138AA880BABE45C3E73C27008FB65A01C6883B42428701FAC8D81C1AF7D7336D70E22E06EF556C005F1514F4BD56026E16FC9FB68404F85F6017C8FB790079
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgeoserviceprovider.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_11_0 -

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qlocation.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1417
                                                                                                                                                                                                    Entropy (8bit):5.165882967970872
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:p+Mn098mXIpmNDzVZRURU2SnOkpx3sAqWGMIpLXlJh8EXHlsX:pH098RszhJhpHqzdHq
                                                                                                                                                                                                    MD5:FC841E83494874E0F040461FE987E8D4
                                                                                                                                                                                                    SHA1:E8ED905F3586E4A78AC8D03D7165DFE02764B6F8
                                                                                                                                                                                                    SHA-256:6E95EE2F9DD00C3BB45BF43A2463A3404DAAD5263DAE8BAE6C8014C25AAFA60F
                                                                                                                                                                                                    SHA-512:A95688C61F0F18A120CFFC8C8D8BD89A91D11708CC4F5BB95FEA77892E3C6911026B95646D95FDEB6806E286268EA46AAADC8CC601982068F6CA615964A3F140
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qlocation.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....namesp

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplace.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3368
                                                                                                                                                                                                    Entropy (8bit):4.948068620163015
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:ZTsz8N6HiftNBtrnfpkdkdcJZiknz6I4O8Qa4:d2ik3
                                                                                                                                                                                                    MD5:010A39596AC978D5B3BC67988139F299
                                                                                                                                                                                                    SHA1:6B2CCF0B6E1B3E504B3C86D789DD48B1B386C9EB
                                                                                                                                                                                                    SHA-256:10B095DA1EDDED46E88EFE401A5EEB5C09F27D2C6220A3134EC8B92646514F86
                                                                                                                                                                                                    SHA-512:84AA9A4F4780BC5C1E468C8A57997EAB798E26108104465A2F22D7E7CB5AEF54E9167E6420B5A06DA0D0C709323BAFF6EA4BE9F0D07C5BF96BD8307A34B4D23A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplace.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....class QPl

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplaceattribute.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1602
                                                                                                                                                                                                    Entropy (8bit):5.089025398075417
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:J4Mn098mXIpmNDzVZRURU2SnOkp/FAfO7Z6JIMdMZGXdE7ZgkS:T098RszhJhptAfmZ6iMdMZD9gkS
                                                                                                                                                                                                    MD5:22F560416BD0B54638739AAC0C9D064E
                                                                                                                                                                                                    SHA1:A0C6231534D02D18A2EAFF7417EE86664A577C21
                                                                                                                                                                                                    SHA-256:515E3198E488BDD2FAF6BBF2B3A7D433F3A5BBF0019EF7A6ECE4382C67E00658
                                                                                                                                                                                                    SHA-512:2DE5B440635F4774984C1AE9260E3069FAC4EE0DB45C350397181AFA7004EED14DBA18089E325F7C899CD9C1EA446609F4CA63DF30FFF77C43737B3F818624D8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplaceattribute.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplacecategory.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1676
                                                                                                                                                                                                    Entropy (8bit):5.115297426900936
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:1098RszhJhpFOV6codoZeyunY9MyQyeLS:1TszQV6cq8mnUx
                                                                                                                                                                                                    MD5:C64A4B7A99981AB925A1A4965AB9B2E6
                                                                                                                                                                                                    SHA1:1D812582953D1D6163E0078AC4AE6D0AEC8D5BF0
                                                                                                                                                                                                    SHA-256:A9987BAF2FC8BF974EC716E56958ED805A8BADC6FD41EE84535F9FDDB0F7BB7F
                                                                                                                                                                                                    SHA-512:CBBBB1925F03B6216173AADDE5F100B8BE7615B8ADB91FADBF7E81EA2FE398F6FFADF43F5A8CCBCE3DBD8DE0F12EDCF1121493C2060A17198AA2CDD1F93019CE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplacecategory.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....c

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplacecontactdetail.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1654
                                                                                                                                                                                                    Entropy (8bit):5.074510661584741
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:C098RszhJhpue0/sDdaS56ZpSsdSsZD9Ap3aZ:CTsz0/scK6XH/hXZ
                                                                                                                                                                                                    MD5:740C7A0A39706CBCAD0854846C711734
                                                                                                                                                                                                    SHA1:C65843FFCD70FDCB569A4881A9ECD0070229AC09
                                                                                                                                                                                                    SHA-256:97F7EC0AFC9F3D82FC71369F57486653F082F7F3B8D172216B24622FFA21920D
                                                                                                                                                                                                    SHA-512:472F732ACA64805D9239D68459741BFE7293DC5524B534F2FE0EAEA96E64AD6C9CFD089086BA40F849771CB15C5884218EADA30BECB64ADE51891F34C542AF64
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplacecontactdetail.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplacecontent.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1814
                                                                                                                                                                                                    Entropy (8bit):5.075417239367122
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:CL098RszhJhpXC4Ne/yq6rrldlKnfwaOi4DvnIw:STszbBuyq6rrnyrOrDvnf
                                                                                                                                                                                                    MD5:824AD66C8AA21A9F81A203BE088A61DD
                                                                                                                                                                                                    SHA1:E91675E315549B3769AEBA7B8D08A576DD848D8B
                                                                                                                                                                                                    SHA-256:E0F14304FF717D65A195B1B856EB8CAD944BE47F8C7C76BB3CF2A1F7CCEE44F2
                                                                                                                                                                                                    SHA-512:A125687F5498FEEB74EA2C6A7AD628F46436F5A65CA00A6D3AC802798AD0B7C0BEA0F163C4542394CD2921C4396C8C29E3C3D4BF5189D788B93DD86A14C3C5B7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplacecontent.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....cl

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplacecontentreply.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1818
                                                                                                                                                                                                    Entropy (8bit):5.079241710450422
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:J7Mn098mXIpmNDzVZRURU2SnOkpxZTz4M3Y9ghckZclkF/kBRk5R8lZh3kMlHCKr:W098RszhJhp3YkKghcvlyY08d0MphZ
                                                                                                                                                                                                    MD5:CEAA125E269F1B0BC03FF8786982F73C
                                                                                                                                                                                                    SHA1:E506B279D5C8266E7C3362A4892C5DDCA583D9FD
                                                                                                                                                                                                    SHA-256:E6620F02C323EF5F1D560C0DFD2835A2C57D82A756549EE2CABC4E16C1EFC5F4
                                                                                                                                                                                                    SHA-512:D50F6469F3FD4787EDCF20FE899E3F9BEAA54A53BC953FFCF6B892E7CECB764FD81CB1A871D97297028F53EF29A68391173915D03D0CFAE13CFC3012EFA807CE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplacecontentreply.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -).

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplacecontentrequest.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1707
                                                                                                                                                                                                    Entropy (8bit):5.083228897300831
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:2k098RszhJhpq2d+/v6prWdWyQmHEDF0I:2kTszW2w/v6prsRrkV
                                                                                                                                                                                                    MD5:E64F77504795DDB63E1F874C8BFC8B9C
                                                                                                                                                                                                    SHA1:9EA9740DD29F9F79AEA7123722543C32FE56BE4A
                                                                                                                                                                                                    SHA-256:948C77DDBE547582D90E00F37C7C50C8D95DF5200E8A6E817D47D8F49FB20830
                                                                                                                                                                                                    SHA-512:2A8FA0C645065AE4C1B5F83A78EA44B5ACC4B1C95FAFA4012D60E27E8C4DC5FF38EF2C41DC9A6E0CA2B8C370899D316BFBF518BF9C3EA2E763963C3C44203532
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplacecontentrequest.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplacedetailsreply.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1365
                                                                                                                                                                                                    Entropy (8bit):5.163197181804722
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:J23Mn098mXIpmNDzVZRURU2SnOkpRsTzVNaOukghcv6SJ:c0098RszhJhpRs1NaOukghcv6SJ
                                                                                                                                                                                                    MD5:7C35DC7909577E4C964AF1B4D040906B
                                                                                                                                                                                                    SHA1:B7F50C9EFA5D1E367DF4C569B8BA7C3532DD7BE6
                                                                                                                                                                                                    SHA-256:A3DE580F02B97AE696BE0E0C2A0C9B80AE62E87B8D9375D92262D9DD4E7865D2
                                                                                                                                                                                                    SHA-512:54E1C2886939B6752F8D847AA586F835852691F6CDADDE6F9F59ECAAEE73999244101F1A1A9F6E42FFF280F273586A3ADAB9A37FB8AB71E2F82A14A21AF6E6BD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplacedetailsreply.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -).

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplaceeditorial.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1443
                                                                                                                                                                                                    Entropy (8bit):5.122829085525908
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:JbMn098mXIpmNDzVZRURU2SnOkpK6n12SxhglM63Pgj2uDGkp1ib:e098RszhJhpT1Pwq6fgjnDPp1ib
                                                                                                                                                                                                    MD5:C104A00DB816FEB5BC88DCA93353D260
                                                                                                                                                                                                    SHA1:D7A42C1F2EEA27C43CFA87A0142605C7719783B8
                                                                                                                                                                                                    SHA-256:59145D374935743DFF46555D3AEF5C6218E40AB18555FABE94A1C24454E310A9
                                                                                                                                                                                                    SHA-512:83468B9C47038BA3EA63D7F496A4828F38B22CEE9A9905DBD6619D89A07139ED25A6514A10021DB758D0FDBE97E89AF488AE25F39109F2324B0D20A51634E4E7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplaceeditorial.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplaceicon.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1564
                                                                                                                                                                                                    Entropy (8bit):5.134982621314574
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:8098RszhJhpCsXxHweX6MzeudeuG5PF9xiS:8Tsz0W6mL2t
                                                                                                                                                                                                    MD5:B60A1A28EFE3C24CE8C3E72DB7C3F887
                                                                                                                                                                                                    SHA1:804AD6538DA1518AB8198C9B3D1AE5737FFCD0D8
                                                                                                                                                                                                    SHA-256:38630925829D1BF77B8FF8BFF9224C3723A4390E52159F9457FE1202CC9E463B
                                                                                                                                                                                                    SHA-512:33BE3C184BD04B3EC58CB79BBEB719D1961D6E07C2A9DF019925F3EAC4565DC137DE8B000C54805B10D5ED725728E8E08234E0478775F48C74B1AFEE1795B785
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplaceicon.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....class

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplaceidreply.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1564
                                                                                                                                                                                                    Entropy (8bit):5.122206399298802
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:JqyMn098mXIpmNDzVZRURU2SnOkpbTz748PnsL8wghcEZqW:c098RszhJhpbM8ZwghcEZqW
                                                                                                                                                                                                    MD5:4896356B27354D6A67F6656908D587FA
                                                                                                                                                                                                    SHA1:A163CE0D71C76B74C8BCF449F0FB4AE8A447043D
                                                                                                                                                                                                    SHA-256:40F4661AA823ED32EA85D635370DB2FFB88729E79A783B759ED8D140B4F3E611
                                                                                                                                                                                                    SHA-512:AB0850B4A53A087DC958D07F1EDEB7289FB29D7C4E93413ECCB3052CCAE6B0D9EEB89E74063EDA6BDB6C5E8851CE8F812AF00C75DA2C76573204EB3A07552B51
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplaceidreply.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....cl

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplaceimage.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1420
                                                                                                                                                                                                    Entropy (8bit):5.145717175964732
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:JfMn098mXIpmNDzVZRURU2SnOkp3SM12+UlM6I/KoR2ESncDM2b:u098RszhJhpd/Uq6I/ZRFSnT2b
                                                                                                                                                                                                    MD5:9A5A0E4E08B9440B44959B02454126CE
                                                                                                                                                                                                    SHA1:B398028DDDDBAEF2AE8353F027F6444E9FC911F6
                                                                                                                                                                                                    SHA-256:A19DF00975F7559235B2A8ECA21632D1B60448A69BB1214A8FC4752E3491FD49
                                                                                                                                                                                                    SHA-512:20D237EC3017C402D5F3A4D1FDE66B5FDB8DC1F6A67692CF594E60FEB1529938513CAD6F18C297D01A65E2B74D2AFBCD78E107A4A44357F45D1268E3F829F5E9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplaceimage.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....clas

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplacemanager.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2986
                                                                                                                                                                                                    Entropy (8bit):5.04983446226643
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:EH098RszhJhpSqSpdCUCi1GvVpUK4UN0Z+gRDlwDZNT/O3oiBIH7KeUT9CKgngt:sTszmrpU9iANpUbU28gZlUOIbeT9CKgY
                                                                                                                                                                                                    MD5:FE79BF39600798395BA748E33957491A
                                                                                                                                                                                                    SHA1:ACBF85D54FF3BB7457CD1F7C59FB264849CC4629
                                                                                                                                                                                                    SHA-256:ACEB930639979A6885D574E0AAA962F4CD368C0453BCC883062E1551FAD1F426
                                                                                                                                                                                                    SHA-512:7F454A41D739CC3D9782D77CD7FB8D698901838D903A78275B1789EF37EEEF34A2201CDB4B992395DC6F7C161F6A27993183E3498013B48DBC26615965E95151
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplacemanager.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....cl

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplacemanagerengine.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3286
                                                                                                                                                                                                    Entropy (8bit):5.034427435574681
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:OTszDAgKPUXgTitgPLgGpUVgHUVgTbgzg4gJg3ghU1ygbdb26nghsgG6eT9CKg/2:gIAfsXgTitgTgNgEg3gzg1g3ghU1ygbp
                                                                                                                                                                                                    MD5:D0DF37B9BF72925971083C8A2E87AF6F
                                                                                                                                                                                                    SHA1:5E48092F19BCD4EDB8B87A9390285CC44F8CA876
                                                                                                                                                                                                    SHA-256:7934DFFCCB553DC7B494D7C6E1A42E3B9371100D8A646DE9107B165324225394
                                                                                                                                                                                                    SHA-512:D5018AE4BBAECB98E61B7D720003B8950CDA23487CA7825FB72F156B75E5C275554279EAA18A65C0945E442B87D21AFEE68EDADAEB0B1788B59F27195B55B2B7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplacemanagerengine.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplacematchreply.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1471
                                                                                                                                                                                                    Entropy (8bit):5.179807603597747
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:JvMn098mXIpmNDzVZRURU2SnOkp2KTzw74PCghcCzI/PpCk3:W098RszhJhpvQkqghcCihB
                                                                                                                                                                                                    MD5:F71F042FCE746C6BB8D8AEED55F5CDBC
                                                                                                                                                                                                    SHA1:A9D4BCE166CA13E508D7BE3E0F6EB5EEEFCA47E3
                                                                                                                                                                                                    SHA-256:B908432EC21531E6F36E31ACE60FC7E8CAA37FCB3FF6A9B01743DC9DB976D383
                                                                                                                                                                                                    SHA-512:151AD7B9535000A7214866C5743AD71D54741768C3E293067A6F3BAB1B3D7E40E251F02AF7255E941AA5F4CAFF227091DF43AFD51E5FC45AC5F32878D6261EFE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplacematchreply.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplacematchrequest.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1647
                                                                                                                                                                                                    Entropy (8bit):5.132366141152942
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:JZmMn098mXIpmNDzVZRURU2SnOkp2B2I8+LZoBNCo6QoUICndCnCXfx968lvS9xW:f098RszhJhpiMU6jX6truduCXC8g9xW
                                                                                                                                                                                                    MD5:3DB5E4A7BEB87E76BCD403668A3755C1
                                                                                                                                                                                                    SHA1:A9186363C9013EB92E1B5432A55B972F3C382746
                                                                                                                                                                                                    SHA-256:D9A4D6C9643C720C8D07F57611921305A2605AACD41DBF8D815FFFDB6ECCC9D5
                                                                                                                                                                                                    SHA-512:DEE667A41358182907A31EDF1CF079D2ED0EE865669CA5ED66E67382E19A6BFE8784C12E41DF6165DF562FC3F0415E3398363EB472C624451725AFBE100611B8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplacematchrequest.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -).

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplaceproposedsearchresult.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1420
                                                                                                                                                                                                    Entropy (8bit):5.137325697210552
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:J9lMn098mXIpmNDzVZRURU2SnOkpK8fp68p2oXp8wx8l168A638wO6VtEsK1673:a098RszhJhpK8fA8pLp8wx8lU8A638wD
                                                                                                                                                                                                    MD5:409D3C22C35EA5F9B15E05D0DC52BA22
                                                                                                                                                                                                    SHA1:360E027B9CAD37268CB6DD851D6B5A1AD211BC88
                                                                                                                                                                                                    SHA-256:BB46E4B4C73E4184ABB68A64871B85EC01B6DB10D9F2A6C311C029BE2F275FD2
                                                                                                                                                                                                    SHA-512:9EAD43D8AE530FC13E7F13B711071924B3EF479AB59A6B67E76A8B9636E0D2C1EE680DC0F61C1AFC1323EEDE4FCDC91CC6810F39BAF3684B66CB2441E0E54641
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplaceproposedsearchresult.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplaceratings.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1509
                                                                                                                                                                                                    Entropy (8bit):5.125484194660606
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:JQnMn098mXIpmNDzVZRURU2SnOkpnJldIgIzP6l0Iz2dz25HbMWwxizS:2k098RszhJhpTdcD6t6d65Hbq6S
                                                                                                                                                                                                    MD5:55DB4F5EC56FDC80051008473FF1DDA9
                                                                                                                                                                                                    SHA1:FE9EABD1B84289E73A00E9C4FFB5352F254F5284
                                                                                                                                                                                                    SHA-256:59305CA3BD6303206287F3011B86F2789957BAA0EB75009E40758A725275AE26
                                                                                                                                                                                                    SHA-512:76F043B462F1E304C100132F35C0893036CCC2265EA8F273324E839BC45C9EC67B0981D06D8278DFFE262C03BC366E8A27CE5E6550580B4381A0A770A4617075
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplaceratings.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....cl

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplacereply.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2215
                                                                                                                                                                                                    Entropy (8bit):5.025783421494948
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:H098RszhJhpvcAkNBpb53WG6bQghcZUagO16ues9CjyLI9O:HTszzcAmD3WG6MghQUa31lV9Cb9O
                                                                                                                                                                                                    MD5:EC4C16A3C480A22724BCDCBCEE9CB5C2
                                                                                                                                                                                                    SHA1:B65BB91109F564F2407698479559CA8FE95C5E9C
                                                                                                                                                                                                    SHA-256:B29FBD01FAA3DFD83051E914DA842BC6B404499AB7656238F646B1869FE64715
                                                                                                                                                                                                    SHA-512:08725FFE79E0E2E9170641288DDA205405D91C1BEDAE2FF009B9C32E1937875380D853D9651E6C388099344619A41F14057DD78255F9663B3B7FF6936F4E3888
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplacereply.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....clas

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplaceresult.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1431
                                                                                                                                                                                                    Entropy (8bit):5.1165880049876495
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:JpMn098mXIpmNDzVZRURU2SnOkpxp68p2KT0168A6t336qZGo:E098RszhJhpxA8p9T0U8A6t336qZD
                                                                                                                                                                                                    MD5:CEEE4FDC8B54ADF2AF1C0F8FCA9F4017
                                                                                                                                                                                                    SHA1:18DE251EB9754C62B7F7196074BFB3C79C255548
                                                                                                                                                                                                    SHA-256:3429D36DCBD95DBE303BFB4C2768FA35AE22F41363B2ECD45351316F557A7FA0
                                                                                                                                                                                                    SHA-512:5D6FB67983B78EB638359E7ACEBE594C64F438427DEFEF4DBF0C5F2B98FA7C1C21C0DDD5A11B09F47CF085FAA8E76947274016E6D4A3F399249ABF2290BB1EE6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplaceresult.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....cla

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplacereview.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1643
                                                                                                                                                                                                    Entropy (8bit):5.094310911971455
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:B098RszhJhpoupAHq6r3OgjPp1Zkexnn2b:BTszM2AHq6reKPj+anY
                                                                                                                                                                                                    MD5:8D43C8E235A9AD7B2E1082F3383107C5
                                                                                                                                                                                                    SHA1:3D4FE4C1AC0B66F3CAD31CE00CAF5B0B35D14F03
                                                                                                                                                                                                    SHA-256:668CCD9F6AF2C51F2C06BBB0728F76C27F82DCCF754E3424740444FF082042B8
                                                                                                                                                                                                    SHA-512:3E62293835E21B40DDC07F26D4D7A60A996668745AFF68A0204D5736E9A11F9577C246A9E97946CE262F718823AC7D82E589C58032D2B4B84A52C7185D9BA0CE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplacereview.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....cla

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplacesearchreply.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1742
                                                                                                                                                                                                    Entropy (8bit):5.134396812720171
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:f098RszhJhpod9tjRZghcY8BA4V1VLVrGC8zUHUXUT:fTszsdbjRZghp82ILpCC8zUHUXUT
                                                                                                                                                                                                    MD5:C33A2CB065D8DABA4D3A88DBF9F801A0
                                                                                                                                                                                                    SHA1:6D919E05FE45F5B48A964878A19BD9BA0A91C0C7
                                                                                                                                                                                                    SHA-256:113504E226AB3C4F18B4CEA45DFDE8ADA1F56BC1C95CDA2727C58098D49314F5
                                                                                                                                                                                                    SHA-512:2D26ADF08461C246F455FA9FE2049E142C5712326F73580407C1F13109EA94FB63D639C3667211F833DC289CAD4C6916030596FF4D881DBBB62473F31654647C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplacesearchreply.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplacesearchrequest.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2337
                                                                                                                                                                                                    Entropy (8bit):5.049201909622112
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:S098RszhJhpo4zTpdDKUp6ydrU8dU8Zk62pyccyq2tMR+/p5c2TmxLJVolEbI:STszs4xdDKUp6ydrUGUwkKR+/rWdJVoN
                                                                                                                                                                                                    MD5:B5A5F20B3DEE63FD9002811E4F9617DF
                                                                                                                                                                                                    SHA1:BE2C0D332A35981CD246650E1FAF0C63F0EFC26F
                                                                                                                                                                                                    SHA-256:8096596C07CA015C313AA60FD7495C593423522E1F0AC14500EC82A3C99D171D
                                                                                                                                                                                                    SHA-512:41EF9A368B093B35288668BE0290900494B30BFCA640BC989742FFCE34E55532AF11497B6E60DA2793F31D6A3171F2D1C9B17B3772620A51A4C1C4347C5431A4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplacesearchrequest.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplacesearchresult.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1682
                                                                                                                                                                                                    Entropy (8bit):5.078178272704751
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:8098RszhJhpo8plb8wD8lU8A6R8wrU8vdU8vb8E8B8I8j38pZn1yQyeh:8Tszs8p58wD8lU8A6R8wrU8VU8z8E8Bj
                                                                                                                                                                                                    MD5:C75209BE42F85FC15B8B9BDC9ACE34FD
                                                                                                                                                                                                    SHA1:FB8F7DFA2FA94B96D4C74A8C4E3A69D7598220D4
                                                                                                                                                                                                    SHA-256:58254260A05E109B0052FB86DA29C37AA54688D430AE1C0D6DA823DB1F4FCADA
                                                                                                                                                                                                    SHA-512:989B111412035D37537688E59420DD059310A398CB74E3059637D729175F0C4A0F9B9BF5CDD9E97DF2A329E9F6E2FF74C186C25A58DC4EA53AAD4D9208B4DADF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplacesearchresult.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -).

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplacesearchsuggestionreply.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1438
                                                                                                                                                                                                    Entropy (8bit):5.164002593093854
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:JH0Mn098mXIpmNDzVZRURU2SnOkphCTziOcwIHMQghcFeP:3098RszhJhpQRtMMQghcIP
                                                                                                                                                                                                    MD5:C4AED09B1FD5BD9C3CE29F1531A8A7B8
                                                                                                                                                                                                    SHA1:6FD77E92911F9C39603BD6E3459D47AB4552659A
                                                                                                                                                                                                    SHA-256:8D2BE6C7C9C7383EEE098388D07FFCD9EC553783112F29A0DA9B40B522B29E9D
                                                                                                                                                                                                    SHA-512:55F6EDA841C3B6F21F1ACF60CF54699DA1C93793755C7010FB2A1A7634D2CFD1A3B38BC6FBE0B29A7E98CB6C812A918427FC5E9460176467E7354C449DDC4084
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplacesearchsuggestionreply.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplacesupplier.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1621
                                                                                                                                                                                                    Entropy (8bit):5.1067351526893585
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:9098RszhJhpFG16fIdIZY8udw/ZkyQyeLS:9Tszo16fKcFm+Xx
                                                                                                                                                                                                    MD5:6A2CD0242F72CC1527603EF6B6A7CA7C
                                                                                                                                                                                                    SHA1:77CB3A3AA9AFB2752BFEA3EEDA6C400123128782
                                                                                                                                                                                                    SHA-256:C84895D80A8EB31E5FB4D0CE94ED730A52A8D114F84B06F2DF3E87E53999FB64
                                                                                                                                                                                                    SHA-512:96CCA31DC371A5B6444EB35A15B1CCA2F9AB56C99B3709FC5B64454BD35751D449D531E2FA06FCF72FCECF8CAF665D87D79F51A36546AB5A9FBB544EF6FD4787
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplacesupplier.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....c

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtLocation\qplaceuser.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1418
                                                                                                                                                                                                    Entropy (8bit):5.137155748580127
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:JmmMn098mXIpmNDzVZRURU2SnOkp3I78mflDA6FNIDvdDvZEzdEKnY65:4v098RszhJhp368mflDA6FuDvdDvZEm+
                                                                                                                                                                                                    MD5:78199C83D7BAFF0B849230856E727435
                                                                                                                                                                                                    SHA1:6258EE57A6CB537A9BF283F705F8EF193B2FA23F
                                                                                                                                                                                                    SHA-256:89F82167688885DF0CDE2FA7F2A5EFB65BFC11FC8B83E744D26B65225D8853F7
                                                                                                                                                                                                    SHA-512:3A8A4F4F4D89AE8D889F71156EBD6580F1932F22DBC15569CE34B08E1E0050A107C99510B0F87CE106564299912F0DE1623ED20DC8C49C137232DD648AC6831B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplaceuser.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....class

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimediaWidgets\QtMultimediaWidgets.toml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):194
                                                                                                                                                                                                    Entropy (8bit):5.069633939187143
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:SZDim82QIRGscR4NthyIXo+Cm4o6Tdk6An:ADim84RxbLwIX2G6A
                                                                                                                                                                                                    MD5:49777BF1B56D34183A363D2AB801A2D6
                                                                                                                                                                                                    SHA1:C637011071E675B978CEDB6E07EF1ABE09FA0936
                                                                                                                                                                                                    SHA-256:EA7954DC68B029267557660F66FC584FE073AACC06B0806ACFCFA9AC51E087CC
                                                                                                                                                                                                    SHA-512:E72D42D5686CF4286A19A3757D994023B164BA5BC4C0E0328D066CB0AC11B0F391A5E0775786C9D81D195EF3F195A6B28FEAD1906E3770B0C76F327FEB0FEED1
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:# Automatically generated configuration for PyQt5.QtMultimediaWidgets.....sip-version = "6.8.6"..sip-abi-version = "12.15"..module-tags = ["Qt_5_15_2", "WS_WIN"]..module-disabled-features = []..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimediaWidgets\QtMultimediaWidgetsmod.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2194
                                                                                                                                                                                                    Entropy (8bit):5.154532499857463
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:CWX098mXIpmNDzVZRURU2SnOkC9e/VSI986wiND/fZR02ASBOk/KViUM2c2F:Z098RszhJhC4h98tAzhAS//OZPF
                                                                                                                                                                                                    MD5:BF8B02DB1C0B6651624886BAF75CAA5F
                                                                                                                                                                                                    SHA1:149382CB2C2B033FFCD451B10C4EDE8328DA6084
                                                                                                                                                                                                    SHA-256:9E5D6215F5FC3AA8FE38C480A566327D67E21A90328EDF94608DB3A6B735736E
                                                                                                                                                                                                    SHA-512:8BFFBE3755B5FE2741DB0A02788E48EDD1DB4091467C134F3B99D5AE5C54B05D2CF7B71E00C779E00E398CC1F042BAB10F5E3BB28E9EC50965BD7E4B558FD76E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// QtMultimediaWidgetsmod.sip generated by MetaSIP..//..// This file is part of the QtMultimediaWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%Mod

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimediaWidgets\qcameraviewfinder.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1441
                                                                                                                                                                                                    Entropy (8bit):5.225498924130272
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:keX098mXIpmNDzVZRURU2SnOkIES2okLc3eoXmfyj:j098RszhJhqZkLcOoXNj
                                                                                                                                                                                                    MD5:ECC98F4CE8C2ED0BD7980B2E18624273
                                                                                                                                                                                                    SHA1:674422B8DB18DB0CBF4D3B6347B7732A8446672F
                                                                                                                                                                                                    SHA-256:9437EB36BDF669D57C4903E7CD54DFF07BFB33C0A73C3380035013127A7514BA
                                                                                                                                                                                                    SHA-512:C3860C875ADA86CB1DC1E23313B74C88F9F17111587E1602F7DED20A47E692EDFFEC3F4593A6D14FC81C967322373B6A6EAE3B77930DA639E1DD4D7C85B6CFEE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcameraviewfinder.sip generated by MetaSIP..//..// This file is part of the QtMultimediaWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCa

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimediaWidgets\qgraphicsvideoitem.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2315
                                                                                                                                                                                                    Entropy (8bit):5.205994958945442
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:8098RszhJhf9kTlOqVMYXElQgQrxIQa7RXNiVDHG:8Tszlal/nLrxIPXGm
                                                                                                                                                                                                    MD5:048CC131231F7960E157A1EBE9F88118
                                                                                                                                                                                                    SHA1:177AFBDC5D783174D76BFEC64BF066E9382F5E79
                                                                                                                                                                                                    SHA-256:D406E9F00E4F12609085CBF6E58B92E6D321FF07753F5E3548E8A31263EAFEA2
                                                                                                                                                                                                    SHA-512:DF2D58BC6E9958273BDB62149843B23A4E46C533B2581CBEC3DD734EEDE721DBFB5A0D87615D49CFB30EDFD5ED3B7DAAAFA8516D8D01F94BF48FB7F9B77EB40E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgraphicsvideoitem.sip generated by MetaSIP..//..// This file is part of the QtMultimediaWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QG

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimediaWidgets\qvideowidget.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3274
                                                                                                                                                                                                    Entropy (8bit):5.072438790787977
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:i8K098RszhJhoqytb+Q/66OqbuKwQFNdjSpc8XdIVIvITIZIlIXNiVDn:dKTszi66fyXdIVIvITIZIlIXGn
                                                                                                                                                                                                    MD5:D552FD95728CB616034424C673564953
                                                                                                                                                                                                    SHA1:9044C0EEDBDF2E4FA2D046944F1C6586138C9E3C
                                                                                                                                                                                                    SHA-256:E1F02DCC8395A805AF91D2067724A439F79B41EBFAE10B0888711AC997E78967
                                                                                                                                                                                                    SHA-512:78C81A1DC29B9367838BE6FED531203804160D39C7C4C9BD4DEB1B70FC88957FEB51F354F947F77DB733A44B16A8566AEA566AD8FA0A34AAE655D076FDBE4B00
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qvideowidget.sip generated by MetaSIP..//..// This file is part of the QtMultimediaWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QVideoWi

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimediaWidgets\qvideowidgetcontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2078
                                                                                                                                                                                                    Entropy (8bit):5.017547237771276
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:i8T098RszhJhgJS+PiJieXkArZGAASxMS2cc:NTTszy4+PiJieXkArZG7SxMZ
                                                                                                                                                                                                    MD5:806246371D067896D8AB088364492DD7
                                                                                                                                                                                                    SHA1:FA978E6F559B920D3779856EAFD3F2E8A6E9229D
                                                                                                                                                                                                    SHA-256:45CA6D22DEA20FF975B54822F112FFCF6D59045445073A5BC4C7758121230CE5
                                                                                                                                                                                                    SHA-512:A6248121A2FFAFB1F8769A963026D54403ECDA11B6669F6FA172ECF7EE4207E3EBEC3BBB10BF1D6545E32C3F2586A47D0E1B61A9164D2DAA003BE34856AEF0CD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qvideowidgetcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimediaWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class Q

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\QtMultimedia.toml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):187
                                                                                                                                                                                                    Entropy (8bit):5.078350016449667
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:SZ3GMiyT8QQCQIMQDKNsQJRDZXMKxwehyIWWMKxtHO+Cm4o6Mvk/dkC1WiE4yn:SZDim82QIRGsc/XNthyIXo+Cm4o6Tdk/
                                                                                                                                                                                                    MD5:7B0A06A102479AB292B243F07D27C6B7
                                                                                                                                                                                                    SHA1:BCC0F0F76AAD8A5EDF18457A429ABAFA2FB00876
                                                                                                                                                                                                    SHA-256:92780CE3BCCE7418230B65CB701EC618E2DD1ADAE252BD88E8E437E1221C0BD3
                                                                                                                                                                                                    SHA-512:AF91ACCCE8BAE26F15E8CFD1CBC22B86F572A86268FC2FFCC386FD907B5A0381622323B910029676ECF03EEE411AF18E87CFB5A828BAB79DFCB13824405BF09E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:# Automatically generated configuration for PyQt5.QtMultimedia.....sip-version = "6.8.6"..sip-abi-version = "12.15"..module-tags = ["Qt_5_15_2", "WS_WIN"]..module-disabled-features = []..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\QtMultimediamod.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4600
                                                                                                                                                                                                    Entropy (8bit):4.973316120784139
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:+Q098RszhJhC7nXxXJ98tAzhAS//OMWERlP4zEfE:zTszU7RmAleMWErKE8
                                                                                                                                                                                                    MD5:AE56E4FB70DA42847D56884F1B79E755
                                                                                                                                                                                                    SHA1:86EED954B1702903ADFDD0922FBF49E478E72FD3
                                                                                                                                                                                                    SHA-256:1301EA0F1355E3A313BE09B95937959270F2182252C0037682ED9740C49F6025
                                                                                                                                                                                                    SHA-512:644FC4ADFBAE39E443DC6AD0C06F1AF08DFBE23A279756CF8AE6B0CDD5F369A8AC44FA13689DC13D1537AAAA1B31434A0E9952FBB8505495A8C5C432C21CBA14
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// QtMultimediamod.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%Module(name=PyQt5

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qabstractvideobuffer.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2558
                                                                                                                                                                                                    Entropy (8bit):5.0636851193398975
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:RmQ098RszhJho8/8tlYl0aYllmB6qQvVVBE1dJOAEuxzJSQQP:RrTszik8tlYl0vllmB6xvfm1dYszJSbP
                                                                                                                                                                                                    MD5:46B0EF04EC8E9506744BFBD8EB576FC0
                                                                                                                                                                                                    SHA1:56DCC7A1D91C250D5E1F28815DBBD65D31653020
                                                                                                                                                                                                    SHA-256:D78BACFE533E4DF85D140AC38C3303AD4D01B6178DB0A06A2CC338789913CB6D
                                                                                                                                                                                                    SHA-512:590C8C4F9C8DD51A6A6E5F5B11F1036FFBE5F37B9356A015178BAB643FCBDCADBB7D32635F921F54BBBDE7972939DA27B8B921A77452959337D2C9230C70F95E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qabstractvideobuffer.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAbstra

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qabstractvideofilter.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1987
                                                                                                                                                                                                    Entropy (8bit):5.236340647973945
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:oHQ098mXIpmNDzVZRURU2SnOkpfsBc2vmJ8EgaxYA2BPA1pQVFj:wQ098RszhJhpcrvO+axYASPAnQVFj
                                                                                                                                                                                                    MD5:7E32792DCE92C2C10D8E750F9CDB11C4
                                                                                                                                                                                                    SHA1:66A9348DAAB95984FCDDE891D40DE3954385F239
                                                                                                                                                                                                    SHA-256:AE12A538DB6AC6173D7FD3FD96A0E975CB8F92C0829BF71C13E723B789F43DBF
                                                                                                                                                                                                    SHA-512:FFA7B7329CC50598436959E42A93EA02DB46FE5AD9BF680D9734920EF76710117938B37EF66753E1D83ED19BC9197462D864229E2C16CB468ACF73CC47EDBD96
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qabstractvideofilter.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qabstractvideosurface.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7910
                                                                                                                                                                                                    Entropy (8bit):5.106945935565657
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:AMArus29eZgV6bhDk6czZn3+muXPJXFbXhY:Kus29eO6bhDTczZn3+muXPJXFbXO
                                                                                                                                                                                                    MD5:01148E4782FAD5E8810A79B887ED59A7
                                                                                                                                                                                                    SHA1:61F4129A6C8EB29AE358C9696BDBACBA89C1099B
                                                                                                                                                                                                    SHA-256:6828499FDDE28AAE799C08984D5FF20F42273F751046212C9D4D11CAD75E3E9E
                                                                                                                                                                                                    SHA-512:4F7F70C19C6C3B552E84759E119AF4D7C487E5C9FAEA1B690D500786C1D286C0882EBC9057BE0F6C62E5010B51177C3C710B7DD72DB651BE367F4CDFC16FA5F5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qabstractvideosurface.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAbstr

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qaudio.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2067
                                                                                                                                                                                                    Entropy (8bit):4.919568040892009
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:nQ098RszhJhNOXZGPV2hggc8PMa3RzQidn:QTszjtPMhxMRidn
                                                                                                                                                                                                    MD5:475AAF8AB9D326D5C7414D4469F88FBE
                                                                                                                                                                                                    SHA1:F6C15025BF780F78EDEF4E706E8411543214F82F
                                                                                                                                                                                                    SHA-256:B6C0E457886D575F157105486BA70A3EC808AFA65B214ABC71F095D6598E09FA
                                                                                                                                                                                                    SHA-512:0E9EFF8B74A0852508C7CA8E3876EADA0F2B52EB37C18C8C2BCCE70180AA4D41900A2E7D106D8E13027BEFA4169DF72995E71505D964156051570AC78F6C984E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qaudio.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......namespace QAudio..{..%TypeH

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qaudiobuffer.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1599
                                                                                                                                                                                                    Entropy (8bit):5.13046775455429
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:EmHQ098mXIpmNDzVZRURU2SnOkaL8vn6Cu4JpQ8MV3h:EmQ098RszhJhI8P6Cu4JpHMV3h
                                                                                                                                                                                                    MD5:E4015CF20D4A6FCD28EAEAA7C470E039
                                                                                                                                                                                                    SHA1:595CE0A52875EE5F293CBAF3F24AB20D6167F4F8
                                                                                                                                                                                                    SHA-256:46D6A191DFCF1718432E071233B5FF8CF6F5BAE06BDF3E6A16EB3F533ABD70FA
                                                                                                                                                                                                    SHA-512:ABB9C291D567B9CBC9D8E3007B30A17FB2934FB847D3A1DF82C2FBB3795E36A54220C6D97113B6917DEC0E79592F1C60A4200FC462B0C921FA1667BA36EB02AB
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qaudiobuffer.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAudioBuffer..{

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qaudiodecoder.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2663
                                                                                                                                                                                                    Entropy (8bit):5.055396450375884
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:nQ098RszhJhNA90dL/oTZbszBeg6ZUagcpH2IHgvHDXI5Rz:QTsz3AYoFNguUaMbXI5Rz
                                                                                                                                                                                                    MD5:B664FF2C2E3198C03FA614314EB8E83D
                                                                                                                                                                                                    SHA1:337D1C3DFA495A054DD6B92403333AF4388DD4CA
                                                                                                                                                                                                    SHA-256:1DE253599BADE6A615064B032F76910A2006F6E3F07D41D9A9E8CEF3A6B8D735
                                                                                                                                                                                                    SHA-512:F7E6672D4E4169DA10AC8C1D72120D105392CCC6D31FB3287476818FF9DB617BE69E65101CD199DED7F1B8E6643E0B150CE00D999B212E91E9B3E419F7329CA3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qaudiodecoder.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAudioDecoder

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qaudiodecodercontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2249
                                                                                                                                                                                                    Entropy (8bit):5.049558275378415
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:4Q098RszhJhESJY1Gd7bagJaJSmoUQJXvGUydVIa:RTszDJY1G9ugJaJSmoLJX+UgF
                                                                                                                                                                                                    MD5:BA99BAA2B27BF573A7FEC7F9AC2DDA76
                                                                                                                                                                                                    SHA1:3FDA55F7E7A71B9AF2B3854B4542EA1BC59C8EAB
                                                                                                                                                                                                    SHA-256:37950526F7788C79A9270100C279F6C95EE8D536882F25FF4F0E2EB5E0DCEFA4
                                                                                                                                                                                                    SHA-512:10BACC28309CBAE644D45E8CA8981794F634A2233E5468D71E54CBDA6B925212117F79CD1C51DF6558F6AA26886F6896897F7DEADBF8A820E784478A1BA3980C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qaudiodecodercontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAudioD

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qaudiodeviceinfo.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2074
                                                                                                                                                                                                    Entropy (8bit):5.121101002765518
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:FQ098RszhJhCPOf65ZRAwhq7Zu/5VMCHASzl4Ta05CFpS8+yDn:6TszoPy6To9uBpz8awDyn
                                                                                                                                                                                                    MD5:926337835DBE4318F0DA7A1DCAA82996
                                                                                                                                                                                                    SHA1:7FE725B38093629F37D2EDA3509E03F878615D17
                                                                                                                                                                                                    SHA-256:A2372D7DC2060DF6F1B820C8EA00772E77BC0022ED951254A41BDD70D2132714
                                                                                                                                                                                                    SHA-512:D4CFE820C94DCB7104B8354230A8FD4B600AAC705ECA614E7902C3CD5FB2B92EC9A0F5F8D64A80452B04F04E8976092CA802580E0AAA88014D1CC1E39E021AFC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qaudiodeviceinfo.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAudioDevic

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qaudioencodersettingscontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1670
                                                                                                                                                                                                    Entropy (8bit):5.083329210236749
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:hHQ098mXIpmNDzVZRURU2SnOkJASuiL8eRs1VSpBJ:5Q098RszhJh+SuWtR6SBJ
                                                                                                                                                                                                    MD5:11398F62D608DF2CB485CA5D76FE67F0
                                                                                                                                                                                                    SHA1:E4FAFA10047722A7EE0D843AD3A1BEB302D5C65C
                                                                                                                                                                                                    SHA-256:3E8636E8207BCD7FA625776FD613C9A5D42692BF6B13C9F38F496A22455A61BE
                                                                                                                                                                                                    SHA-512:483D19723FD00E47EBB3DEFE787E964C5F57F33D1A7D1501814CFC2E19A87ECA70B60BFD180F16E237476D9CA792409DFC672BB4845D6EF9E526458727F67A80
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qaudioencodersettingscontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qaudioformat.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2337
                                                                                                                                                                                                    Entropy (8bit):5.039999760596834
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:SQ098RszhJhMgQPDFdB6R+4BmDWB7vEmUXmOQmO/m6q6pgqmpWWSN5pfG:vTszqtDFdB6R8WTTtYvA6
                                                                                                                                                                                                    MD5:27F53AEA38E8C05E5D57D8EE555ED3FB
                                                                                                                                                                                                    SHA1:C102A81286CA6CE388357E7E22A8CB4B706AB607
                                                                                                                                                                                                    SHA-256:1381E9638C44F74884053DB503A1B7518F052C1DA4866C9F2E66EE05FC1EABE9
                                                                                                                                                                                                    SHA-512:EFBABBA44574FBAB1E3C70A21579C2A70A5290A0C830FED1DD697020C90DBE0EB3E675870A3226CAC021239A7D4C90A3B2B5A086BF76DCABECD5BD4ED0A7A61B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qaudioformat.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAudioFormat..{

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qaudioinput.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2003
                                                                                                                                                                                                    Entropy (8bit):5.097960016580604
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:LQ098RszhJhPAvxFbZcx4Cmyfws+mYgD+u16skG:8TszFAOxcyNL
                                                                                                                                                                                                    MD5:1A34B3A509EE2CF1870981C2E8638032
                                                                                                                                                                                                    SHA1:FA763A4BED07AC22AF705DF1776722D589A493AA
                                                                                                                                                                                                    SHA-256:BE644D73B47D1EC6E5E6356EA6AC90D17B93944DBA77F4813A4533DDC2264A26
                                                                                                                                                                                                    SHA-512:1C1E3BCE4879B48A0376605EC449A8D8A588E14C9F5C53C2A3E4E84E939AB0942A270EEE462AB0CE686CB5640778FE13C51B62523981FF26B4A18502946D24DE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qaudioinput.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAudioInput : pu

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qaudioinputselectorcontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1663
                                                                                                                                                                                                    Entropy (8bit):5.1028399324612925
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:JHQ098mXIpmNDzVZRURU2SnOkhUSWesOHv5HIeY/umS2imL1sHWJ:RQ098RszhJhOSW8HvtIeYGmS2imR3J
                                                                                                                                                                                                    MD5:C91176994AE641F894ABA1BC27486279
                                                                                                                                                                                                    SHA1:74FC2EA35340A309D54A3CBB29AFD3CD721A55AB
                                                                                                                                                                                                    SHA-256:69178CE3D5541B793055233A7614107D2A9A5F33DFD2026B20690211E9F2FFDA
                                                                                                                                                                                                    SHA-512:F35EA8CC1A3D4A7F3F150D01CA66C5668A53D2E248930CA6610C94E9B851D35D8ED8A46A5F1DD2C5B61CCD255823D5F125CB3B2A0EE2C452949817DE6A07F9AB
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qaudioinputselectorcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class Q

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qaudiooutput.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2080
                                                                                                                                                                                                    Entropy (8bit):5.088782934782564
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:UQ098RszhJhqAGxeCZci4Cmyfws+hYgD+u16sWZXyR:lTszcAzicyKMU
                                                                                                                                                                                                    MD5:DAB3E21D71D626285F26090D292AAE2C
                                                                                                                                                                                                    SHA1:75942D6164CC6ED64E4212A66BC55683E0F4A73C
                                                                                                                                                                                                    SHA-256:247F55F28DA05CD0256A841F71410B213805F7AE1020C474E1F87427E2AD3CC4
                                                                                                                                                                                                    SHA-512:D4BBFF6C3BF5EAA794A1D36B2E6835E10934E998EF715BBA6A362AA1948A520D6D46CFA16879A43340770516FBC7C8BAE2E2F266596B644DC685587821D86140
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qaudiooutput.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAudioOutput :

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qaudiooutputselectorcontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1675
                                                                                                                                                                                                    Entropy (8bit):5.102710476280352
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:QHQ098mXIpmNDzVZRURU2SnOk2bS5esOsGHI1Y/B2e3Wj:oQ098RszhJhKS58sGI1YJ21j
                                                                                                                                                                                                    MD5:E01F72AAF4C8573999456104B72946ED
                                                                                                                                                                                                    SHA1:636014DF9D6272FF45480923ED3CA860E00A2CE0
                                                                                                                                                                                                    SHA-256:D5F259EBF81982B548C09AA74ED7F32F871ECA60224389BE17C66FD2E02A25E1
                                                                                                                                                                                                    SHA-512:B6540CDB6F18B99790038E47F06A67941359845BC700AD151F7AB74743FB932C96087C771B5653238EEFFD61A36A6434B079673C1913696ED7897819BC5A262D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qaudiooutputselectorcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qaudioprobe.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1382
                                                                                                                                                                                                    Entropy (8bit):5.147837917159921
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:RHQ098mXIpmNDzVZRURU2SnOksuA2So6/Mgp9rH:pQ098RszhJhZAToaMu9r
                                                                                                                                                                                                    MD5:4721890051493CDEF6E26E50A0B22683
                                                                                                                                                                                                    SHA1:B5AB1D3ADECD9A8EE807F88C63948132F9FB55D3
                                                                                                                                                                                                    SHA-256:C15199BC96551C0300BA504F5DB1D196F564409D0775DBD2BF5A7939F19A19C9
                                                                                                                                                                                                    SHA-512:2D302D2FC5E6EF20F4D33106E21D17DAF8057F0CD67780998F9F3304B22BD5D3966B14B300BE2835D03E81C3F88BC6D40333FD4645B82E9B55C6FD390BA781DC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qaudioprobe.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAudioProbe : pu

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qaudiorecorder.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1640
                                                                                                                                                                                                    Entropy (8bit):5.174719179661891
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:ZQ098RszhJhvlxhkOlXl08lkmZeLWEZvrZGEch:WTszvxj10ykKeLf1M
                                                                                                                                                                                                    MD5:F3C4743F9A03B37A215FA051B9EDC22E
                                                                                                                                                                                                    SHA1:22B283A9E60798CE49906835018FBDD7AA9F74B3
                                                                                                                                                                                                    SHA-256:D53AC57AABAC9852102AAC8C7ABF17376462A791F07846499F93A8C0489C41FB
                                                                                                                                                                                                    SHA-512:76007B49964530B328816E1FE3E87507BFDE5E8A6056CD13B1F29437E93D16BF8F0A373A09330AF15E61A2CA4C418CABDF32DF6F875127F3A477240581836E41
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qaudiorecorder.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAudioRecorde

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qaudiorolecontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1480
                                                                                                                                                                                                    Entropy (8bit):5.158334949140741
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:gHQ098mXIpmNDzVZRURU2SnOkpgg/SpVPYTI1:4Q098RszhJhpg8SpmTQ
                                                                                                                                                                                                    MD5:86487AF01C8DBE0E20A1A4276BD9A5F4
                                                                                                                                                                                                    SHA1:E88A5A8424DB632CDD7952376533C2DA0392FA0F
                                                                                                                                                                                                    SHA-256:3738DD7FFDBBD7E062308D5C609BCB9424BF9EB359726268221FD1837F74FB25
                                                                                                                                                                                                    SHA-512:45AEE65D28224E69F44CFB2CCDAAA7DF8A6FA0D62AAAF6947ECE58C6A8990B59A24F6FFDEAA3694FB2B030EA0756EA01E63A69C5CD9392ABC9CE7600750B5DE3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qaudiorolecontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_6_0 -)

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcamera.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5933
                                                                                                                                                                                                    Entropy (8bit):5.086587730400647
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:xTsz2ArCvK2hPXZB7+4uUaH7nx1kAGpfRTTsQ3s/i/O/2E5/Vua:V7A0ZdqkJVRTTsQ3s/i/O/R5/Vf
                                                                                                                                                                                                    MD5:A8D99ED1C45D72EEFE9B78270D119EBE
                                                                                                                                                                                                    SHA1:1101CD5059B278ADDC0238E1DF13D1B81FD42638
                                                                                                                                                                                                    SHA-256:F1EDB7822BF785B5E51318624513E5B8925375F7F516C3AF95172EBD9B34F955
                                                                                                                                                                                                    SHA-512:DB1F3B85E82FCA3369CE15A28A88AA5EDD5FC469392FAF1396C807C78D8DB80EF43428C4A4A7E0C91F4C604AAFBBBDFFB4C4AFEBE4B29146E19103B317A1505F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcamera.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCamera : public QMe

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcameracapturebufferformatcontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1596
                                                                                                                                                                                                    Entropy (8bit):5.1492254090644405
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:kkRCHQ098mXIpmNDzVZRURU2SnOk/OIRoSM8o7m0XA:XR6Q098RszhJhHRoSpo7mB
                                                                                                                                                                                                    MD5:B7CBBF689CB53DAEBF9FEACFA5F10AA7
                                                                                                                                                                                                    SHA1:FAD9516D41EB9E734E0C2B6C1311E9B18DE92694
                                                                                                                                                                                                    SHA-256:12B655698419E64315E714CBC9FD27A5418F659BDEC1E9CFB1627C78C7D1B67F
                                                                                                                                                                                                    SHA-512:E30C67BAA720F2C2D49AF2520A859009FA5C88B06BEDC9CBC0194ADCEFA3A927048BD4DE6C0EBC361B51B2C39CF3B1EEEF8C2523AB41BDD97DF7815FF342247C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcameracapturebufferformatcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcameracapturedestinationcontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1699
                                                                                                                                                                                                    Entropy (8bit):5.051809570351321
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:XPbQ098RszhJhG/PJSvcXLsMFW2PLYMboCMeg:X0TszqQkXX3I
                                                                                                                                                                                                    MD5:F2C5D688696E3DDA56C1108AC88EFD7B
                                                                                                                                                                                                    SHA1:8530C90A9963AF39C0405BE8C19FB0555C640CAC
                                                                                                                                                                                                    SHA-256:75B30DE0618C180DA0457B9327DF8575D9B35CDC37410862F3A7E84BA0DF3585
                                                                                                                                                                                                    SHA-512:91A751132D1D9A4130619B1BE9902546C14171AB0B402A36279A1104A38BDE5A3F0D3C2DF5B669399A4BC7EE80EB58E570B2ED65F04F87CC6479CF7F348CD6B6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcameracapturedestinationcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......c

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcameracontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2067
                                                                                                                                                                                                    Entropy (8bit):5.049405602529994
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:lQ098RszhJhW9N26o36z1b2tD2E/X2QCAXidwOClG:aTszioqz1bGLXIAXukM
                                                                                                                                                                                                    MD5:9FF2A83F6CD9C9A32A5E1D9479CB6617
                                                                                                                                                                                                    SHA1:F1B6D0BE6AD8A3FFE975233734D445D1F118F92D
                                                                                                                                                                                                    SHA-256:666698C97F343D30455508737FDD8E73E2199368B84EFA605CBFF676A24564BF
                                                                                                                                                                                                    SHA-512:D7FC8AF469D5FD0C070258A53BA169BE5621173CDA788E96A450560304C72D5F19947E5A8B38763102FCCEFFFC2EF15B188C005AA71B5DE6DFCD105DE5E57BF1
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcameracontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCameraContro

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcameraexposure.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4530
                                                                                                                                                                                                    Entropy (8bit):5.032673395620416
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:cTszhATs8GSD9rQn+WFO2WbRiRWIT+lsldfGrvqA:2GAcS1E4noI5udfo
                                                                                                                                                                                                    MD5:FF4D34FA86317076DBDFF4BDF61CDFA6
                                                                                                                                                                                                    SHA1:BE77BC487E325C0E2D227C6E4B8C5537E0F47065
                                                                                                                                                                                                    SHA-256:631984D6FB728551925F9A19C482075570B1C5EA1A3958C274883043B8EBB08D
                                                                                                                                                                                                    SHA-512:6AD78DB3B8695701A6638635A1A4F1470D083961ECDDEFBBB5F0F53EC2E99DC89E64A33E5EFC2055FEDCC89CC83393CE46BE11D776189CA5DB04E9150391D3BB
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcameraexposure.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCameraExpos

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcameraexposurecontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2257
                                                                                                                                                                                                    Entropy (8bit):4.998418303695696
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:kP3HQ098mXIpmNDzVZRURU2SnOkJyjNSwy7Fr3HXXv1kvxOpAmz1v1Hz1v1X3z1T:MQ098RszhJhoShBX9S0nTXvW4+C+c
                                                                                                                                                                                                    MD5:F3B54DB05A7BCC5F7157F31592B1FE42
                                                                                                                                                                                                    SHA1:837D1E6D90D0D3D8A1EAAEBCDCCC5E6A94D13A78
                                                                                                                                                                                                    SHA-256:14AE50B6D723863E6FC123FD4BE0A8A02982D7645D827CBC417C2AF4B8DF3629
                                                                                                                                                                                                    SHA-512:441BFC62817D3DA738303F4E669AF056587511488544B10D1760309B7116F9A100C28AB68E4B661712ADE51A915960A01297AAE7759F902F109AC1C35D52B53A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcameraexposurecontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCame

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcamerafeedbackcontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2016
                                                                                                                                                                                                    Entropy (8bit):5.067682162422017
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:iQ098RszhJh9Sq6L2diuXvhYXChYXIdWpXaNLC:fTszzs2diuXvhYXChYXIdWpXiLC
                                                                                                                                                                                                    MD5:BBECFB1EE3E070E97FE4D5A4A45D6F5A
                                                                                                                                                                                                    SHA1:BDD0C58DE13C1CBB627126F7CD1939137EB8B64D
                                                                                                                                                                                                    SHA-256:949D91D1CE867EA8E4EC235C39767DA13E1526A479D670FD42ED45EDF435996B
                                                                                                                                                                                                    SHA-512:4A2A1291862FF27D5E2B7FA98973C1456D76D4717C90FE5DA01FBDC301E52B6379515D8AE44D141AF3FC71BD321D51A399C3E765782D40747AD69D60D28B7CB6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcamerafeedbackcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCame

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcameraflashcontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1535
                                                                                                                                                                                                    Entropy (8bit):5.144035088934151
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:kXUHQ098mXIpmNDzVZRURU2SnOkLLuSK829NFMOv2LK2qXrQCv2LK2NXrwfU:lQ098RszhJhOSKN9XMT+bXrQn+AXraU
                                                                                                                                                                                                    MD5:F7C4551FB741AF42B2570F2CF39749DF
                                                                                                                                                                                                    SHA1:65C6003E5D35262B09828761F888943DC8FEBC49
                                                                                                                                                                                                    SHA-256:BB3C1E506C353DB7B1F25849281B986C03D49920B96947DC670A2910C2B73B70
                                                                                                                                                                                                    SHA-512:AD3DFFF49E56CB113A5EFC05B21179BE0239A1EE2470A517B990841B9EB42733B332048E753E218A638B26FD93E1B5AA61E0157DF122B1DB25AC9E4A919484E3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcameraflashcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCameraF

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcamerafocus.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3321
                                                                                                                                                                                                    Entropy (8bit):5.041316311088247
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:6Q098RszhJhhcsCADOCbOAomL2cEDsMzEgo22X2oL9l3B9wl9i8RVpoya6:HTszE0yzAbSslG9hwj6
                                                                                                                                                                                                    MD5:A893282124FD4480D7399753A144EB37
                                                                                                                                                                                                    SHA1:C3B02731431A8AFB07D2C24D889FA272F65826F1
                                                                                                                                                                                                    SHA-256:BA9623AA0AC530E300F11386C93E2CDC364747C2F204C4DD176F5C3827974C85
                                                                                                                                                                                                    SHA-512:C4193FA5E38B633139D6924FCD92AF4EE6171AB8B219F77D2D2C07A48801180903F5E3A8BDC3968084DA369A89BB2232596A24BA7B9C732038536E0100AA96FB
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcamerafocus.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCameraFocusZon

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcamerafocuscontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2079
                                                                                                                                                                                                    Entropy (8bit):5.083313333840769
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:XQ098RszhJhGSoYcDbX4ADccXq3+X2LxWXz:gTszpoYKbX4ADPXq3+GLxWj
                                                                                                                                                                                                    MD5:BAEC3541DFE63DB9E96E349351310ECF
                                                                                                                                                                                                    SHA1:5ACE3C046B7AECEE176947E3AD416084920EF15F
                                                                                                                                                                                                    SHA-256:DF1E7EDBA3D98188212F3834E4699C2B927EC5CCDC77CC7799F08E04501DD954
                                                                                                                                                                                                    SHA-512:F87A7130F98E25E476A67EE45070C501E89911EB2A35780ECCB8640D715632C2DB343A4638016E23DA3AE89A19A123185C9C9EA18F99B87DB0AA28D06C5746A1
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcamerafocuscontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCameraF

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcameraimagecapture.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3658
                                                                                                                                                                                                    Entropy (8bit):5.019025473560215
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:zQ098RszhJh4yo+6NcFNwpV2bQO56ZUagHZ/ZwbPDESbj+cssMBe2XTYM28Clffp:UTsz9QRNWuUaiB6b3BNxqnnzeyXV6
                                                                                                                                                                                                    MD5:C12D3EBE31CE9459EA1D9524339F7192
                                                                                                                                                                                                    SHA1:3A593F2FDD9A6A9793A5214BC9FFE5923C6F42ED
                                                                                                                                                                                                    SHA-256:B5EE9D5DBE0ACCA9A98B2858B788358024251250D8149F09B143FA7090341F40
                                                                                                                                                                                                    SHA-512:D8B24F1282C6F15111EA76F9764FB00FC971EBF1902B187820C7577E380B8F82987379167499E32BA7260B2C523A4D7231E535582435F91C0DC7F4E1641C8E8E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcameraimagecapture.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCameraI

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcameraimagecapturecontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1990
                                                                                                                                                                                                    Entropy (8bit):5.090345721994596
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:EQ098RszhJhsSFXXgab8Fi/nfseE0He+f:1TszrFXXgab8Fi/nndHe+f
                                                                                                                                                                                                    MD5:D585517705FAF7DDE2E947CE4E59F6E4
                                                                                                                                                                                                    SHA1:08B87B764DC952C8B7D4D0A8E631C57DC5A442C6
                                                                                                                                                                                                    SHA-256:5C808C7A9FA4498E71D59BCF2520496FCFAC963260E3B0F41197EF3672504ED9
                                                                                                                                                                                                    SHA-512:72751659BA40CF2034BB900F627FD2965C9628D78238BA049BAC9826B413FBBADFF479D960AA749804884646DDFDAF27D86C6F55E0AC2457524FA0882957978D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcameraimagecapturecontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class Q

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcameraimageprocessing.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3161
                                                                                                                                                                                                    Entropy (8bit):5.0487091033960985
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:QQ098RszhJhYLAyXRX2Pc0bcacJrW24WcuyBK8RrjporfCaCod1N1g9SQ1t1jn:5TszkAoNhbiWyn
                                                                                                                                                                                                    MD5:33DBE1478317270306DCAA6D6209E3A9
                                                                                                                                                                                                    SHA1:0EB572692897F886F8863E6CBD6E748C8C55D522
                                                                                                                                                                                                    SHA-256:BBF9F5691ECD8D8E764BC4048AC91A5E446C4639CCC45642418757F74279EB4B
                                                                                                                                                                                                    SHA-512:B4005930510D8E37601F87AC2952C64EBAC53AEB2155EF07CA8A0DF1C9514CB5D9197F14EE6DF441D45B0F42700A7DF8E7D99851DE39EA97FC3E23DC9CC25107
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcameraimageprocessing.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCame

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcameraimageprocessingcontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2160
                                                                                                                                                                                                    Entropy (8bit):4.971023347131852
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:NQ098RszhJhYnNSrn0FEB2XZXCnHAXPnHVNcnHBYnHVXnC:yTsz52EB2XZXbXz8p
                                                                                                                                                                                                    MD5:42107B060A89A2FB71E3742C242F2760
                                                                                                                                                                                                    SHA1:0767273CC0BD64E0847DD7BD25E64DF295632971
                                                                                                                                                                                                    SHA-256:A3FFEB3239D5412F3FDFA3BEC629FD4D5F023D9917DD90546E218C966132DA58
                                                                                                                                                                                                    SHA-512:BB5C229AD6B8A2AB1DDE94FAFDADA9B4F0EA30115D57A2AC4968656F585973C591C7AF58D03CD49547A943488F21DAAB6B7AEF60D053CCEAECB69783D133F075
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcameraimageprocessingcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......clas

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcamerainfo.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1694
                                                                                                                                                                                                    Entropy (8bit):5.115309167830691
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:kdHQ098mXIpmNDzVZRURU2SnOkp7RYOG5Seg6gZRAZvVSFlxBxAS:kQ098RszhJhp6Ox6gZRAZvVSFl9AS
                                                                                                                                                                                                    MD5:0815B7216969DCF29AAD1869E7574F33
                                                                                                                                                                                                    SHA1:ABA485A84D82CF489F7364982B8DAB1E929B660F
                                                                                                                                                                                                    SHA-256:67BF98045FC349E40AF8A4C7A27660842F40DAED4979EC89D8DF529FB73FEB62
                                                                                                                                                                                                    SHA-512:EE28BD84C64EB050656D2B635F3FA50189B0B725F4D125E6022DE713518C56DC13CF165544735E756AEB3D794B0A6BE9D4154C8C8B387538AC2CCEB3E16C17C3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcamerainfo.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_3_0 -)....cl

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcamerainfocontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1385
                                                                                                                                                                                                    Entropy (8bit):5.119520315926972
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:kWHQ098mXIpmNDzVZRURU2SnOk5QSGvgWnY:BQ098RszhJh+SGvgqY
                                                                                                                                                                                                    MD5:CB028B231E17A29F13B540CC95F3CAFA
                                                                                                                                                                                                    SHA1:825A85DBF818EB1FB724F4015A81CF96E829C276
                                                                                                                                                                                                    SHA-256:14D7391E33F78F6EBF90D3920D6F9D7E42BCD9991A98A5A139908AC5B7E81087
                                                                                                                                                                                                    SHA-512:D0322192EC3D3BCFC37C40CA726278D2B3A47809945219491E71620AC31DE6678992E2FA2AD2C50450E76A8E9260D6EAA1EE9BD7E4A1E57DB4C4D7FFA4A501F8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcamerainfocontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCameraIn

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcameralockscontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1618
                                                                                                                                                                                                    Entropy (8bit):5.163962770921877
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:kWHQ098mXIpmNDzVZRURU2SnOkZQS4XcccngmR3eRwSn1/:nQ098RszhJh+S4Xccnozy
                                                                                                                                                                                                    MD5:86DAF4C082BB92CC0ECE5D2333BCFECA
                                                                                                                                                                                                    SHA1:4AB76E525854A35A0FC870F19D8B6F457BEF7FF1
                                                                                                                                                                                                    SHA-256:E0FDD6F94B091C9798437442748EF8CADECA3FC045E53B55BDC41F78433EFFEE
                                                                                                                                                                                                    SHA-512:638771BA79E5210B455873EEBC9A43F13D81B6E1579E41F8E144669C230D9503C19AD8794CAD8BCC069E98AB14F289127BCA9107EFF23F69851B719B129CE2D5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcameralockscontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCameraL

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcameraviewfindersettings.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2139
                                                                                                                                                                                                    Entropy (8bit):5.139078662446435
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:kQ098RszhJhpJnc+s567HsXMuRj8H53lFxE5xl:VTszVc+s567HtOyJxQxl
                                                                                                                                                                                                    MD5:7DD1388CC70E9FE55E9B952D225BFAEE
                                                                                                                                                                                                    SHA1:24649794535E5FCE026D7A5219DEB1FC1E776EA1
                                                                                                                                                                                                    SHA-256:6418F7F6D0E73293A1FD5EF080969DE9410F23F357258A094A6C337EF5A178A6
                                                                                                                                                                                                    SHA-512:20C949FD9C718FC0C8B91A67130C19E2D331D1A35205DC8ECAB75F5FF3EF48C5728D56F3C4F027E90DCBF4A1DA19955CBBBDC1C44C1D1033CEEA3401AB0FF559
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcameraviewfindersettings.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcameraviewfindersettingscontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2420
                                                                                                                                                                                                    Entropy (8bit):5.045446808631823
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:BQ098RszhJhLaP+wkaJXq+QG+Uu+kG+Uq+kG+C+xySaRx30uT0es8Ph:OTszl2+wkaJXq+QG+Uu+kG+Uq+kG+txy
                                                                                                                                                                                                    MD5:E323CB03C0DFF365CF1B5C242A4A2919
                                                                                                                                                                                                    SHA1:C9D132CDA56381AF806C3A14BE15B587EC4F0196
                                                                                                                                                                                                    SHA-256:3B8A7D49B65E9C2A8A12C785D781FF5124C933040A9C7752CDC53AE29A275B1D
                                                                                                                                                                                                    SHA-512:8C637482B09F7D1CD17C5A53A535B29339D3A3072F86C21F9B6EE2EB061A7BCC4F80CB7AB34BBC55FA71E238215C82688176C7CE295E712D3A3855EDC7CA0557
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcameraviewfindersettingscontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......c

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcamerazoomcontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1926
                                                                                                                                                                                                    Entropy (8bit):5.090573717710178
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:eQ098RszhJhMSzz95HoGRiaJ9ABpnbWqR:TTszTzHHFRiaKbWqR
                                                                                                                                                                                                    MD5:63BA171C7EE3BCF9231376CCB2EED990
                                                                                                                                                                                                    SHA1:4BA2906115E2A44D42BB7AD72D50FC691720BD60
                                                                                                                                                                                                    SHA-256:F43ECDB46FFA833A389DAF0A97B247C6D4BF3A66F5FA15CEE6AD9E23B77D1F9A
                                                                                                                                                                                                    SHA-512:17CF57C756F7E588412F78FDACDC8FA8CCE4B5B7EA9CE96D38BF844434FCB694ADE15511FF9B80671C6040BC972454A1BB1B911F5CC138DA7D68AE7DE9C6AD04
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcamerazoomcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCameraZo

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qcustomaudiorolecontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1526
                                                                                                                                                                                                    Entropy (8bit):5.154070852235135
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:BHQ098mXIpmNDzVZRURU2SnOkpOPuSOkjVmVb:ZQ098RszhJhpOmSOQeb
                                                                                                                                                                                                    MD5:BC7D666AA3EFD6B514F987B6D00DF630
                                                                                                                                                                                                    SHA1:99FFAB11C6279C9CAAB18DCE6DB73083101AF817
                                                                                                                                                                                                    SHA-256:C4B6BB2A689317F4045780DA7C72966B7475B489A39C9D5EE8BC256A9A0A1161
                                                                                                                                                                                                    SHA-512:485D6FCA9A1C10B343593B04DB4336A3A411621D8CD990F37C439F36239802B1305FA82FEC581D08215E82E93726005E190563618885043F80DC662D9C6682A6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qcustomaudiorolecontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qimageencodercontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1633
                                                                                                                                                                                                    Entropy (8bit):5.107673401241624
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:tHQ098mXIpmNDzVZRURU2SnOkxASytnW1dqbZ:dQ098RszhJhuSytngdqbZ
                                                                                                                                                                                                    MD5:5756A77082B9930D73BA257B6D8FD241
                                                                                                                                                                                                    SHA1:45BCDC4FB81DDA226B62D44F2180AC7D18961AF7
                                                                                                                                                                                                    SHA-256:8FFCD6EE39ED0C36472AD402496B380037B06E5752548BCF7860A6EB8C743E5D
                                                                                                                                                                                                    SHA-512:C72221017320D033C71E6FB93F0547575C7C7424780FF25F6EFC1CBE1466B2674DA984DD60CEA7D790345607A75EBC0ABB70FC6DFE771C045657D0E989EADB02
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qimageencodercontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QImageE

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmediaaudioprobecontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1341
                                                                                                                                                                                                    Entropy (8bit):5.1441088741350125
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:vwjHQ098mXIpmNDzVZRURU2SnOkyVw+4wZSdVwHrOVwQ:eQ098RszhJhqSwy
                                                                                                                                                                                                    MD5:23FC82A8735C0F0A9EB58A57D4B651D2
                                                                                                                                                                                                    SHA1:E525AD1603E03807A3C2BC7C853B3138D8FF1339
                                                                                                                                                                                                    SHA-256:3CE56684B10D41CE203F479E6AF8B9CD6F9ACE38605C6B04E4A2BA1997A31616
                                                                                                                                                                                                    SHA-512:11B4DE28F0DA2141BC0057F12C9A5CE2127C4A4A79E17467971D72C35E6B41C48662E4572D00D172F4BBAB48E2051A8ABF4D5BC65B98506B8BB1AECDC81F1274
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmediaaudioprobecontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMed

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmediaavailabilitycontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1423
                                                                                                                                                                                                    Entropy (8bit):5.126797304411182
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:tHQ098mXIpmNDzVZRURU2SnOkyyqSd4bIak:dQ098RszhJhWSSw
                                                                                                                                                                                                    MD5:EB4C05FF275C25527D7ECC26C3787A75
                                                                                                                                                                                                    SHA1:B6AA210533551FBB56A459D6408C43D55B4D4DCE
                                                                                                                                                                                                    SHA-256:8FE8F1937ACB56EC775D62CC7C4F0D1FCF1BB873C9BDB84907B4D52E3E9DDDBC
                                                                                                                                                                                                    SHA-512:C3936AC19727FA62F3190083264987976943DAD2C2964A690D9E8D8EBBD979F2C4AFABD1ADA55B7791963219DC3CED2C67ECB48B066D223BAA137585714A7764
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmediaavailabilitycontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QM

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmediabindableinterface.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1267
                                                                                                                                                                                                    Entropy (8bit):5.1456887531081925
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:bHQ098mXIpmNDzVZRURU2SnOkisSU3WXmfEov:TQ098RszhJhtSUGX+
                                                                                                                                                                                                    MD5:EA731024D3FF014F8C6CA88765BD91A3
                                                                                                                                                                                                    SHA1:5ACD98D9930AD0A87F3F1C74ADB0D50D9290D4D4
                                                                                                                                                                                                    SHA-256:1567D2717A30F6BCE194F829DEF8FD22873DD5D5B815C1485B653C3909CAA957
                                                                                                                                                                                                    SHA-512:73D20CE358C73220FD8E33E1E3E3FD7581E5EA04F60D79E3B86B74C2CDA0EC67F54F1AD4E6B364BB399F03B05F2BC5BDA415A8FE7BE8553EE907A1ECEB9D7FD9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmediabindableinterface.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMed

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmediacontainercontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1505
                                                                                                                                                                                                    Entropy (8bit):5.092171449123329
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:pHQ098mXIpmNDzVZRURU2SnOk5IS2TNrrCHdg:xQ098RszhJheS25rrC9g
                                                                                                                                                                                                    MD5:68BC3F614FFD4B2FB78951D1B3313C63
                                                                                                                                                                                                    SHA1:8FC5737053932EBEC654E50F82D513D4E3968FCF
                                                                                                                                                                                                    SHA-256:8CE6996048E634C0CEDCF7E638B0BCC7F1547D001AAC14C46BD11C0E6A27658B
                                                                                                                                                                                                    SHA-512:BA07DA7454EE57C6F5537AA18411A19221D184D82F7B50FF71354C98FFE6C45AC14B551FFA76C6AD0AA9EC162E49C05CAC8A041EB5360AAE3E07C265A065447F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmediacontainercontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMedi

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmediacontent.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1870
                                                                                                                                                                                                    Entropy (8bit):5.0774952862760525
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:XqQ098RszhJhKX4yCJRgXfHJRXT0Kc+os78S8dDn:HTsz83CJCvHJ9Ten
                                                                                                                                                                                                    MD5:9FF3C0D97164AFC48331A216ED102F57
                                                                                                                                                                                                    SHA1:F8A2223A4130239CEC3AE9F71E3775F18EF26A11
                                                                                                                                                                                                    SHA-256:046EE72568CDD880DE3F30E8D0D369A38E0AF39CE25AD29F11A080281EB16710
                                                                                                                                                                                                    SHA-512:FF1DC7FD707BA615074F45AAA925EAD2E4B5548ED962A5181BFD7A8944A3569E5964CE548F0E1A3739AB6EDD6FB1E45316E392E8774A92A44B156F15F2A7CB05
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmediacontent.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMediaContent.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmediacontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1301
                                                                                                                                                                                                    Entropy (8bit):5.221821562253981
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:6HQ098mXIpmNDzVZRURU2SnOkOA2VSHFn:CQ098RszhJhOAwSHFn
                                                                                                                                                                                                    MD5:D74E4AE92A9321722D32174F63766A59
                                                                                                                                                                                                    SHA1:D8F17ED45B093161EAD760B7B8CDE227B71E753D
                                                                                                                                                                                                    SHA-256:9539AF5C0DE90596A94FE7500603FC133D2C621D768F3BE99451F371A1E8A5D5
                                                                                                                                                                                                    SHA-512:E0E51FC59C8743E5B11189977085136921153F8D28716C419DB1522D7E7604AB06DEFEDEDA4D86359DA6E1C06E0D895C92908CE2C5D1342885C0CEE5509DC2C8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmediacontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMediaControl

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmediaencodersettings.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4158
                                                                                                                                                                                                    Entropy (8bit):4.9206387574710915
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:6Q098RszhJhB66gwc3S175QqmxwqSUZ19H6w7c3S17xb3YOwqSUZ13h6M5cZ7xaE:HTsz66Z12isX6C1tSsT6/zsa
                                                                                                                                                                                                    MD5:DC7349008E874D59D01F5AC9E22C2C44
                                                                                                                                                                                                    SHA1:A08E341C539F3938CAD32F46C1AE3784572932FA
                                                                                                                                                                                                    SHA-256:6719EA20F8806392F53B5E219DC2566FCA22FDECA8EA8AB9DE7A4068E421B4C6
                                                                                                                                                                                                    SHA-512:A5AE7B51FC5AFF4A3093B165BD36C2562C5E19C039879DCDB4236318CFEABFA4B4E5FE59A72A5205673A3687302BE3A59C5123D9367EFA0A61934D69E996B73D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmediaencodersettings.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAudio

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmediagaplessplaybackcontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1705
                                                                                                                                                                                                    Entropy (8bit):5.118989169638743
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:OHQ098mXIpmNDzVZRURU2SnOkyjSzoAXI615P1:eQ098RszhJhoSzoAXR15N
                                                                                                                                                                                                    MD5:45D97372D73295BEE483821220927FD1
                                                                                                                                                                                                    SHA1:17052BA047259521B98A5B5D0F623C58B3D2B102
                                                                                                                                                                                                    SHA-256:568F4C1111107B4AD75046476C189BCFADA28C27E6734275881A387623043319
                                                                                                                                                                                                    SHA-512:47CE9373B898A93D9FDD48F21D1D39EF8E4D9159505587A675F98FDC4AEAEB60C9F8881428E0BD56B6218D5033C65F8C71CA2FC3EF6809B59B5D895A4D54619C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmediagaplessplaybackcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmediametadata.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3993
                                                                                                                                                                                                    Entropy (8bit):4.735951023142307
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:KQ098RszhJh47t+iZ8YcG5oAB6KGKnqgl6sFKMnZwzFlRQB:3TszUtFZ8YR5F0KGQqgl6sFKMZwFgB
                                                                                                                                                                                                    MD5:A342639FCC4064C25347AB37856DFCF4
                                                                                                                                                                                                    SHA1:7D4C6E9C58396418348E4E27EED525491A66D8FD
                                                                                                                                                                                                    SHA-256:6100B9D74581B64233B0B0A2269FAC1E8C4240C56D9567B2752CDA4BCD605AF7
                                                                                                                                                                                                    SHA-512:F6F79B6BD1E408532E78C4412570009D2D85AA8FF784B2DBF9A3E73AA281B120550099A01EA17293B70918F65ADC9A099CF4F3B4A3BD76E4ADED3DD16C9ED369
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmediametadata.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......namespace QMediaMet

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmedianetworkaccesscontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1517
                                                                                                                                                                                                    Entropy (8bit):5.127491418312526
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:iHQ098mXIpmNDzVZRURU2SnOkanPSTbFt+bJUT:aQ098RszhJhaPSTbFt+lUT
                                                                                                                                                                                                    MD5:54E3A6BAE57F73455E6078420130F982
                                                                                                                                                                                                    SHA1:9B6D2EF81B57B3431BA7A7119C33C6D7CD8A9DCC
                                                                                                                                                                                                    SHA-256:536FE489BE9CF822272DFD0348B0F03B42BFFED1BB7FABAD92C259272948080E
                                                                                                                                                                                                    SHA-512:5CFC49D55449CA531D8E94856E21D372E589C899600BB809244F4638BEACE0D53DA71BC02A2B4E853A6669DC94D12B16D609FED7862ADC467C7E43F4EECA0183
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmedianetworkaccesscontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class Q

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmediaobject.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2098
                                                                                                                                                                                                    Entropy (8bit):5.083504981094136
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:8Q098RszhJhCAGSa6X52QTQGEgtXI5Rt2FoBZD/pjI2t7M:dTszEA/a6XD0OXI5R/+
                                                                                                                                                                                                    MD5:FE7D794DE7D36889E3A6B1C9460BDEDA
                                                                                                                                                                                                    SHA1:D9C47D5E129D43786EFA0AEB11BB0CEA4F529472
                                                                                                                                                                                                    SHA-256:ED0A694A0EB06708DFDB6B5415B11856C3A182E858A412E8F114D41EC7F1CA9D
                                                                                                                                                                                                    SHA-512:E8E1C32D810484F34885AB02831EA3F1E79AC58C5D454D87F807A2249EC98DEF7914DABE2C398D319CDCC1086E3E645F97AA8B5E2D6A212273085BE6AE8D91BD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmediaobject.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMediaObject :

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmediaplayer.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5113
                                                                                                                                                                                                    Entropy (8bit):5.055121533559872
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:vXTsztAvm3CyNuUa9taViOGlpiXI5RmZIn:biAObNSaViXpiXI5Rdn
                                                                                                                                                                                                    MD5:7AC0DDEC88835BCCF9DFD04E098A8C78
                                                                                                                                                                                                    SHA1:058A98DFC9694DF84E297EFECA6872A23C267B16
                                                                                                                                                                                                    SHA-256:4689C71BFB67E20C142B10F525A7E40D412C20AF23C37A91877B967A45FB575B
                                                                                                                                                                                                    SHA-512:47E433B21103CA920060ED1EF47D8456A681C77902EDCF8DD4450EE96E7569C262F3DE4E92692B06C7BE58848335D01B0135F1DE8D4A0E2F7941D981FBC322E6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmediaplayer.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsVideoI

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmediaplayercontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2979
                                                                                                                                                                                                    Entropy (8bit):4.9934739808905695
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:fQ098RszhJhWSAN5HUr+qrXM8oX1GXGGX5SQ6xBqbbX+cJiJagmeFJQLMi:YTszxAN5HUyqrXM8oXgXnX5Z6xBqbbX9
                                                                                                                                                                                                    MD5:5907E7E11F999C5414FFB08EA74CA5A3
                                                                                                                                                                                                    SHA1:386463877474BB08DEBF2DF6F5B4BD29311266C6
                                                                                                                                                                                                    SHA-256:E44061D27547E1BB87C8EFE3F5F882CEF0D52DF4EF0E889F57F53775EC640F15
                                                                                                                                                                                                    SHA-512:69A172BA94F23D10EC61BD4D66930992DE6AA74D0029A611712A5B5BBC8F1E0964CB5DE489E93F3CC59C92BE40A6140BC746967B618E47BC3F374A6E4FF5C2ED
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmediaplayercontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMediaPl

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmediaplaylist.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3573
                                                                                                                                                                                                    Entropy (8bit):5.00934714826084
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:nQ098RszhJh47FJp4Q/N6OMQ6wGYGmLObWj+ERC/EACi6ZUagSnN73xtXNj:QTsz8FDN6mpdj+truUa/NjxtXV
                                                                                                                                                                                                    MD5:7FE0471311C5107816A75A9F5FC3DB77
                                                                                                                                                                                                    SHA1:FC300F43CB0D7A60FDACBA56C743A802B209C196
                                                                                                                                                                                                    SHA-256:5E651D5A45575A856A640199ACE7B51230DDCD6B3E53491FD0E1D1DAD151BBB2
                                                                                                                                                                                                    SHA-512:00AF03566DEC283DAB0D7951CDDA24B80EB2A32A9F7DF3E07F660B239C164AE23D4BC66924CB9BC44E752C62AFE20794B45BB1CE8FA4923A5AC5303A54A8CD53
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmediaplaylist.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMediaPlaylis

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmediarecorder.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4576
                                                                                                                                                                                                    Entropy (8bit):4.916826887535129
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:wTsz1wK8Lq5nWWwuUaq10YdSzgbDImcc9VCWCXV:6ywK8Lq9WWwxVCWCXV
                                                                                                                                                                                                    MD5:7ADA68AD943DE7E65588613E3DE3DE7B
                                                                                                                                                                                                    SHA1:B77DC06113230585E728F464A6A2270DAC946448
                                                                                                                                                                                                    SHA-256:5D84EC6B2E8EACCCDFE7E73A8367958DF3B759B94F3300434888772AE99790E6
                                                                                                                                                                                                    SHA-512:E1D8E026BB9E91961D7B5A471C0BB58F2028EA4830592C038FD3DB8EBEB1EE369D63498C93FFF75C8BD6D41F57C32636A9AA077DD5BF3E2697D85345B6FF947B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmediarecorder.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMediaRecorde

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmediarecordercontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2141
                                                                                                                                                                                                    Entropy (8bit):5.043631464392385
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:YQ098RszhJhHaS80LXqEF+IVIVHXMkE8JVHEGiFkf+Ho:xTsz1b80LXq/IVIVHXMkpJVHdiFkf+Ho
                                                                                                                                                                                                    MD5:3F5F3240275A62785C64A9A9D540701C
                                                                                                                                                                                                    SHA1:12F5050BA9F470183378481916D09EC04F65832C
                                                                                                                                                                                                    SHA-256:94CBF3E1D3FDDCBF55758B0AE9E7D30D14F366BCF921E04C29EAD2467FF64415
                                                                                                                                                                                                    SHA-512:4E2A23B0A3B8547142A704D86BC7791566EB92320A10E180CA86701E69C349FF2D70CFA21E29F87311FE88ED192182E3B1E91F52D8E8D274D7A9074ACD54D7C4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmediarecordercontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMedia

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmediaresource.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2337
                                                                                                                                                                                                    Entropy (8bit):5.0104035695566
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:J3Q098RszhJhDRj6VpVeoZTZPp17ZflgXdzbmN9Q5l:JATszXj6xFPj9Ng0+
                                                                                                                                                                                                    MD5:2F958E5716D128CF5BC86F20A4FE8ED6
                                                                                                                                                                                                    SHA1:F588F986D33EE10C419FDA825788B4640E0B1AD1
                                                                                                                                                                                                    SHA-256:CBFB2FB2950B2600ABBD700C32C5F322A369DEEE99FE4E1C360344E9F78FE64E
                                                                                                                                                                                                    SHA-512:1AFF54F6138811E17AE7C603BA4264AE9681E0222D041A3EF8BEBB755150DBBC02D7AA74CFB0095D56A214B3212E32B8F9936F29458FA04E060962B29E4F27E5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmediaresource.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMediaResourc

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmediaservice.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1312
                                                                                                                                                                                                    Entropy (8bit):5.136724081266635
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:gNHQ098mXIpmNDzVZRURU2SnOkVuA23vSAIURbwm:wQ098RszhJhcASSAIUlV
                                                                                                                                                                                                    MD5:6728C57724B2F21139C564963B9C3601
                                                                                                                                                                                                    SHA1:0B2C1BA0725533AB32C5444C3F6764978637A5FC
                                                                                                                                                                                                    SHA-256:4B8D0BC6C6ADAB729BF945BB9D58FF9671F5F7B05C17EEF59E24343074B81763
                                                                                                                                                                                                    SHA-512:81F4E8D2600AE64B29208192692A6CB389F7E5368DD00E190632908C0C964CFD074707FB4445BFDFD82CB1B00463AB37392C4DE75FA96A126735C741456CFDE6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmediaservice.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMediaService

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmediastreamscontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1769
                                                                                                                                                                                                    Entropy (8bit):5.050961960226345
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:zQ098RszhJh5QnwOETs5Z0JYLyjXDyDWZ:UTszzrOETs5Z0JYOjXGaZ
                                                                                                                                                                                                    MD5:41F364BC337ACFDD5DF9125E884F9D92
                                                                                                                                                                                                    SHA1:6A2E2F8831D79A00A064F73A6DD7FAF656BBA915
                                                                                                                                                                                                    SHA-256:6ADE37EE792457B54B7CF8D655293300C53670EC6F20A71E4500DED8982522E6
                                                                                                                                                                                                    SHA-512:07ADE7208F24AD43B6D2D62521214E866FCAAB865892DAD606E4C87E92C2857C96AE2348F7E355B26D6CA7A02221FFB7A039EBAB0961DCFFB2B4A05968E1EC41
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmediastreamscontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMediaS

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmediatimerange.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2967
                                                                                                                                                                                                    Entropy (8bit):5.031830788284302
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:PQ098RszhJhBH4o16zHpIH8xKvSptO21UN/B+Q3F:oTsz5H8xKvr+Q3F
                                                                                                                                                                                                    MD5:52575693ADBE3152ED88D08F10A82EC3
                                                                                                                                                                                                    SHA1:703BADAABFE1571E3836333DD09054EE27DE3FFC
                                                                                                                                                                                                    SHA-256:26BE256CAE3925042698FD909132B954FB69FBE266F01E2100F5592E42F266CE
                                                                                                                                                                                                    SHA-512:1A8552FBA58FFFDAF3A3A93034F777A0F636776DA51082C65D20745C8E2018101F873B3705AC473673FB9751355D5EF8D950261A06A77B62830E9EE51D04BC55
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmediatimerange.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMediaTimeIn

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmediavideoprobecontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1338
                                                                                                                                                                                                    Entropy (8bit):5.143008284218154
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:nNjHQ098mXIpmNDzVZRURU2SnOkA+cNZSdMMQ:BQ098RszhJhSSw
                                                                                                                                                                                                    MD5:F93C5F02E5E6CEB1B3E8CE85E2F43B9A
                                                                                                                                                                                                    SHA1:005934E8194DCD7C28AC055E1BA879AB384B3D97
                                                                                                                                                                                                    SHA-256:9D2D694FAA50B7F2A4E279531A5A8AA5F95828CFAA2FD440918387FA9692936B
                                                                                                                                                                                                    SHA-512:9761E715C4D59EB13D6C1CD40176A811A7CF851B2B1FF919870979EF4E22848F2D2B6E274ADAAFBDCAC3BE95BF42B949D3411EE222E382875E14235C5A23C860
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmediavideoprobecontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMed

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmetadatareadercontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1580
                                                                                                                                                                                                    Entropy (8bit):5.113661199593881
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:ItHQ098mXIpmNDzVZRURU2SnOkjk1PS4iXGGKGoF5NyEAI8+:kQ098RszhJhASFXGGdoF5ovIB
                                                                                                                                                                                                    MD5:50372B89D9DF3E371C5BB8F4114C6414
                                                                                                                                                                                                    SHA1:B43B8A53D54AB3BECA09A99BCC928FD6F9E159B2
                                                                                                                                                                                                    SHA-256:97E1B4336E6AACB0833CBC5DD8A2C121D7F1A06D658E6D0575B56DA70D95B809
                                                                                                                                                                                                    SHA-512:D9BFF6EBC0DEFB7535650248CEF0B719404A22BC75E7E885CE5A7D31C5B01CDEE06BE99722CF2756D75DF0056E11CBDB2DE127FAE11BEE356BF74FDF26E7188C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmetadatareadercontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMeta

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmetadatawritercontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1742
                                                                                                                                                                                                    Entropy (8bit):5.100089964223457
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:AHQ098mXIpmNDzVZRURU2SnOkMpSJXbNXGGKGoF2G2Ez5NyElIt:YQ098RszhJhsSJXbNXGGdoFh2q5oCIt
                                                                                                                                                                                                    MD5:98D7C01A47E052071F7F87807A38E9B3
                                                                                                                                                                                                    SHA1:C9C876A7210F69C91BFBF9410BDED17B9DC2FDA6
                                                                                                                                                                                                    SHA-256:F50D0B0D2572B191A5D6D01F22B0A1628C48D5D875749F1A2D91811E7EF07C32
                                                                                                                                                                                                    SHA-512:53A353E0AC054E76FF868534AF6749003AEC72973A5FC90DCB58FFF73BC4D91910FD771071CF5A49FDA6AA965FE3F034945F28CFD086DA6A81EF89AFBBFF619F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmetadatawritercontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMeta

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qmultimedia.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1661
                                                                                                                                                                                                    Entropy (8bit):4.9175428027471915
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:cHQ098mXIpmNDzVZRURU2SnOkj3QTjk36I0AMBFCwAnIqOapWfcF:cQ098RszhJhEjkKI0TqpQW
                                                                                                                                                                                                    MD5:8B4883C5268A1C689B379DF479E1C1A3
                                                                                                                                                                                                    SHA1:78180EF93268CB67AED90862745E9A421D2C9043
                                                                                                                                                                                                    SHA-256:73CD92CC4DCB85D007D9E562222D4A6E0F83E3D08B01DAED6D6D44694B12C778
                                                                                                                                                                                                    SHA-512:1CE938516593FC7AF0589C6A7BDCF42B4B4CAB5503C539C296EB4C224DCAECF6DF20D7394E1A4BD3AF5F8CFF5AA55983BE0625E31EEAF8A698A5E038903DAEFC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmultimedia.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......namespace QMultimedia.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qpymultimedia_qlist.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9462
                                                                                                                                                                                                    Entropy (8bit):4.751724616558063
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:usziQ3/S2fzM2QWAO4z/Sm+2MztQWA5og/SejxMCQWAL4i5/Sa84MVQWAz:ufQ/xQWAOe/kQWA5h/7QWALF/EQWAz
                                                                                                                                                                                                    MD5:E9FC5326456C64621589AB8F1DCBBD09
                                                                                                                                                                                                    SHA1:9CB1C49CDA5493B778AA4C82D33F086C100FD87B
                                                                                                                                                                                                    SHA-256:4AB27EC14EA09AA417E96B1BA937D6234FC21851B4D57B9EFC1FFEABD24366D0
                                                                                                                                                                                                    SHA-512:B138E8C71B9DA34F6A195EDD8CD36CF74F7F8CABCAC3ED79B6B5532DE66C1F8709D69859B5C885FFFAEE02108A16EB6DC4B3D0467ACF4A30FBCD4F87282C6F03
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// This is the SIP interface definition for the QList based mapped types..// specific to the QtMultimedia module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%MappedType QList<Q

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qradiodata.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3298
                                                                                                                                                                                                    Entropy (8bit):4.8386409076537245
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:VTszd/2Mlw2rMSFoC7G+PA1NuUamFCOYkX4:Jg9gSFkNLC3kX4
                                                                                                                                                                                                    MD5:C5772C47B017D9D80ADEFC29686BE4E5
                                                                                                                                                                                                    SHA1:507B1DB5C560A2413D4745DD1691E80792178C44
                                                                                                                                                                                                    SHA-256:2DCB8B9B727701FE61570E5E034994CE47106070AEA52BF334AA641600C28472
                                                                                                                                                                                                    SHA-512:2FC8F8D75A3CFBA4C0EDAF7E11017380577A9AF9FD5F3808723508C4E33CB3308B3C6351E962660FDB8282EBB8ADA89B36CEF253148573898DCC4F4FC5A1A0F3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qradiodata.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QRadioData : publ

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qradiodatacontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2083
                                                                                                                                                                                                    Entropy (8bit):5.072824049144592
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:iEQ098RszhJhneSGwNfkwjFBXFA6yN6KabCOYJ:OTszdXGwNfkwjFBXFA6yN6KabCOYJ
                                                                                                                                                                                                    MD5:4643A6AC3982EFF32ED09A2E0B61F23A
                                                                                                                                                                                                    SHA1:22CACA38842E044B6462693DB14B83405C1348C6
                                                                                                                                                                                                    SHA-256:A617382E8C25E65D6F9A9DA56D2729D4CD8715B9AF16D4F6122C2DFA0E27C3DE
                                                                                                                                                                                                    SHA-512:2208311FB6A7DCB189F4C7824BA24AF4FB600EE1618C36EF0117B29D4CDC1B2085974F84874FB76A16CBECA8485F5D5FC2E4D13C6B892648E09FC70A24CAAEEE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qradiodatacontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QRadioData

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qradiotuner.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3399
                                                                                                                                                                                                    Entropy (8bit):4.9494147418809575
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:izQ098RszhJhn65A80ZGIOYMCKgmN0fLTai/NiQVnRGkKcVSgf4gc6ZUagS05cII:rTszd65AQIOtCEILGo4kKVVuUauAgVWV
                                                                                                                                                                                                    MD5:D61C23FF61B5E74FE116B67F2F0AE59E
                                                                                                                                                                                                    SHA1:9BBDD0418E7AE38059C4BC7CA18A50D5F49DE0C9
                                                                                                                                                                                                    SHA-256:3E51818987857295B6133115A5A200615EC37BB9549D69750C71353904542BAF
                                                                                                                                                                                                    SHA-512:EBC99D413CBF8A6ECA81D6F3E386599BEFD6A35E153EF1773AC74459863A3CB67727C71BC3A749432FC1279E44C8BB9A3D75B5B0FA9F7E9CF66BD7FAF5B16248
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qradiotuner.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QRadioTuner : pu

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qradiotunercontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3044
                                                                                                                                                                                                    Entropy (8bit):4.970700024936218
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:iEQ098RszhJhn6S0SiP8XpaNiRXtSw+kPBqrXMf+X/XQgQ5JvJLI4b488JgJaJkD:0Tszd70SiP8XpaNiRXtSw+kPBqrXMf++
                                                                                                                                                                                                    MD5:73823992FF8C969FEA360BB18E73559D
                                                                                                                                                                                                    SHA1:66F9A5E97FC520B6F0A7F96977CDA1E820B23BFC
                                                                                                                                                                                                    SHA-256:3ABC153A23238560E2B347CE0897916C7D4F8A7AC3F2E02732F6D5BD2D1BEC26
                                                                                                                                                                                                    SHA-512:D4C294FD119119AEED63FE2E8C6C107CB6579451D325EE5F34239DA4AB9A7F7420F429FBA2D34537A2C676738062459FCA48D2E339427794A20C3871324656A5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qradiotunercontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QRadioTun

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qsound.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1459
                                                                                                                                                                                                    Entropy (8bit):5.080927467175134
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:AHQ098mXIpmNDzVZRURU2SnOkC6OA2wmB/gNZ3mNEHpvqtna/5oB:YQ098RszhJhCZAzmGDHp4a/2B
                                                                                                                                                                                                    MD5:FFA368898FE5E66FCD903D07AC5FF5AE
                                                                                                                                                                                                    SHA1:40D61223371CE75FEDDC84BDE3E918E1496EC513
                                                                                                                                                                                                    SHA-256:55D5FA4E27E844979F7AB83173CA8DA48F5240ECAA79F370C71F9CFDF4FFE6F1
                                                                                                                                                                                                    SHA-512:2C76896BAB0179F83AC7432AB54B08DB96832DE3BB8FEED9E8E9D28685C4D5F1E964D60193C2E9FC2950874F39CDCA2D512469AD4A65F57DED4460416FF7FB65
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qsound.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSound : public QObje

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qsoundeffect.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2275
                                                                                                                                                                                                    Entropy (8bit):5.032035126365902
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:3Q098RszhJhJAtd4SQd6BbJHpeyRZ0ZXyaDB:ATszbAXUd61AXV
                                                                                                                                                                                                    MD5:6870105C2C70BE8ED2BC28D2456BAD64
                                                                                                                                                                                                    SHA1:D2010B74EE292F40DDE6C48CB8B705090B61CB44
                                                                                                                                                                                                    SHA-256:40684B79B87966651E303F6BBB505401CF9636A225BFD34024AE1D19AFD3BC74
                                                                                                                                                                                                    SHA-512:07F0F49D395BE7392420054080A55F52D6B8E6831838D586AB3E652A1F49668A2B073364E449D1EA00B189ECAEA0418AD112AD8D0346B1DAE35D15F1558A333F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qsoundeffect.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSoundEffect :

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qvideodeviceselectorcontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1726
                                                                                                                                                                                                    Entropy (8bit):5.055362008405543
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:iaOHQ098mXIpmNDzVZRURU2SnOk52GUS75rb9Q3r1vQH3i:ijQ098RszhJh6S75rbO3rxQXi
                                                                                                                                                                                                    MD5:8B45CBB98CCD4C55FBABED3459960D6C
                                                                                                                                                                                                    SHA1:1DCA6E881EDB2AEF3E72E96B4ECEC532BC269703
                                                                                                                                                                                                    SHA-256:2C939C4A13740CAA37DB80B2E9B15D994B90EEBBF1F5AFE814017753107FDF85
                                                                                                                                                                                                    SHA-512:F8EF31C7B3F9131C6B6AC58C2884ECBC8629A6E7B8E66B7EFE925C67F959818F3690EBB340C2101F3D90ABEC7D389197D69E7E8F2A4FC5CCC423CCE8D4B7813F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qvideodeviceselectorcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qvideoencodersettingscontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1792
                                                                                                                                                                                                    Entropy (8bit):5.080034690469532
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:itHQ098mXIpmNDzVZRURU2SnOk5kjSXE1+/1yMSuY3I:idQ098RszhJhcSXy+tyMSuY3I
                                                                                                                                                                                                    MD5:361A9080BD21107F1C7E4E75CDD19747
                                                                                                                                                                                                    SHA1:974DAADC521CCB9AF77664B371C02B099559F8B5
                                                                                                                                                                                                    SHA-256:0E59623AD66E3B76E8CD6BE2B3BC9268D8420A174A9B35236CD7A1A9665B0BCC
                                                                                                                                                                                                    SHA-512:755C80A1640A8FDAB04D9D17A09EC0B848FF11E6EB45D31FD984D4A2BBB8D4AF29D9CCE7F61BBB91FCBBBB124AE1F15153D1E537C72AB616F12FCCBA3967F311
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qvideoencodersettingscontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qvideoframe.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4494
                                                                                                                                                                                                    Entropy (8bit):5.083098132705831
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:iAQ098RszhJhtatsNVcOb5YFJIu7DN49hAwK0hLbdPkfRsO4rU+hwvo83Pr76syD:yTszqtPz681dsYyn
                                                                                                                                                                                                    MD5:A7AF237A702530B16C4406DDA656DE16
                                                                                                                                                                                                    SHA1:2F93B5B9BD59E5E95AE4CAC7E007B072F58AEF9C
                                                                                                                                                                                                    SHA-256:DC0C8E104A9F45856123B164E06D4F0E8FAE838050719F4A98DA70A32CACAC04
                                                                                                                                                                                                    SHA-512:A976BA85AF49256B63802B2FED0DB7F0470EE104AC898EA5C922F67BE380630536BA6F1A8EF9ADEF18F55DADA5C16D2D86ACDE8FBE19D63356166115DABC9B1F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qvideoframe.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QVideoFrame..{..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qvideoprobe.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1379
                                                                                                                                                                                                    Entropy (8bit):5.146956842217859
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:iNHQ098mXIpmNDzVZRURU2SnOk5juA2zHD/MgpTFH:i9Q098RszhJh0ACHzMuTZ
                                                                                                                                                                                                    MD5:A2A257085441246FC1EA7B8F10BD900E
                                                                                                                                                                                                    SHA1:4042DA4B37A7D84BACB076CD3C5BCFE1660189C4
                                                                                                                                                                                                    SHA-256:A10CCA2F88977035F5EB5B4295EE9F812775D2A64397FE74CC43D9140B50EC77
                                                                                                                                                                                                    SHA-512:1B77B9967E9686EF418C3F571ECD9F949F3C146F47304FC99320BAE4C0D04757188A2434407F9E7C96844A48C82868955295F88A4733E0E2466F4550061983CB
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qvideoprobe.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QVideoProbe : pu

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qvideorenderercontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1366
                                                                                                                                                                                                    Entropy (8bit):5.127952791335911
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:i7HQ098mXIpmNDzVZRURU2SnOk5pslSw6VtlQIG:izQ098RszhJh2Sv3E
                                                                                                                                                                                                    MD5:D54781D4A241F298E4FE71E975367655
                                                                                                                                                                                                    SHA1:1B6AEACFC4462FD2E226EF98689A8BC587088656
                                                                                                                                                                                                    SHA-256:630E85940E5BB3DE6EA3F97E95AF005CFF9BCEA65DB3D629D9218B0609F0C25F
                                                                                                                                                                                                    SHA-512:260FA08B2BD8E2771D5B67D2C7FB00D707E73CC67D77CADBBC819A8F1D139EEFEC7D7E320492E3A70911C0B45B94139249E435305BE4B6D2CB3DBF4F35A29927
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qvideorenderercontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QVideo

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qvideosurfaceformat.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2933
                                                                                                                                                                                                    Entropy (8bit):5.128053892129383
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:iPQ098RszhJhWsE165DRPT1ByfK12KqYGBOpJA3hmVVvNdxEyNc1rn:bTszkl165DRP1DwZn
                                                                                                                                                                                                    MD5:43F1B9CFD87F36BF4621D7CC44226A62
                                                                                                                                                                                                    SHA1:B5A3D100EC4202D9B47365A7474B477ED2FDC87A
                                                                                                                                                                                                    SHA-256:B29D250ADA21650261E7B54B9003A8C6486DE9A4B4F6B36FDCB6432AF2B0445D
                                                                                                                                                                                                    SHA-512:613CD5EEBA819A9BA1FDD1A58C66C4625708E7B79E7F0C78D905862B502FA13891D1A2FFFB04BA7A6ABFC44A76F5AE4AA66A371469C2AF9BEF9DD60BD10F4488
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qvideosurfaceformat.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QVideoSu

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtMultimedia\qvideowindowcontrol.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2314
                                                                                                                                                                                                    Entropy (8bit):4.999846533061037
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:i4Q098RszhJh+SmzKY2xBzZ0XkArJfierZGAASxMS2c5:OTszJmmYkoXkArJfierZG7SxMi
                                                                                                                                                                                                    MD5:D7CE143DDE9B584C05D7A5AF5BEB5A0B
                                                                                                                                                                                                    SHA1:55FC75D1D75583A15AFBAAFEBFD3BD784A0F3C82
                                                                                                                                                                                                    SHA-256:23243BD03BB6E875DDB157BE980F4E148A4E93149D81E5D790B14004D47840B7
                                                                                                                                                                                                    SHA-512:A9EE527D4784220D40977CE94FBEAE9C398A61FFF1BD2EA0B3CB1CB45D1C1ADF6FF997348F63E19E4601C04CA41330CCEA542E5876E409DE8F2DE0FA41310717
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qvideowindowcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QVideoWi

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\QtNetwork.toml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):184
                                                                                                                                                                                                    Entropy (8bit):5.114379447940489
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:SZ3GMiyT8QQCQIMQDKNveXOeovAMKxwehyIWWMKxtHO+Cm4o6Mvk/dkC1WiE4yn:SZDim82QIRGWXOeovANthyIXo+Cm4o6k
                                                                                                                                                                                                    MD5:19C1FC8291645B8928159FBAC573112F
                                                                                                                                                                                                    SHA1:291D3C0660104A36D142AB0541C89EF9B76C95B4
                                                                                                                                                                                                    SHA-256:2B8CE851616CA1A34B480F79035799496E8244990A1563C7BC6C449754444795
                                                                                                                                                                                                    SHA-512:DAE6136CCBD0C67BFE1C881E84A65AB50FB5B37457D8520589F120153AC2695664391265F818B83D81A4AD603661129A3BC5D2E9D0DE992BC72B8C18177A29F2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:# Automatically generated configuration for PyQt5.QtNetwork.....sip-version = "6.8.6"..sip-abi-version = "12.15"..module-tags = ["Qt_5_15_2", "WS_WIN"]..module-disabled-features = []..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\QtNetworkmod.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3184
                                                                                                                                                                                                    Entropy (8bit):5.105202963617387
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:nX2XI098RszhJhAXYb98tAzhAS//Oh4hEcV7gNDuZARYv74G5PEVH9ClAh:XwITsz4hAle6a3QAh
                                                                                                                                                                                                    MD5:EAE2C9F5B1A9B11FEC42342D16A4B4F7
                                                                                                                                                                                                    SHA1:A6F3CE299D5D3E68B727528B5D1FCBB58A777B07
                                                                                                                                                                                                    SHA-256:26BF2A40F9CED2CA6F04E8AA2018DAB1D9471D6E494F954649DED3F4C34BB291
                                                                                                                                                                                                    SHA-512:453DAEA05711BF3615E0BC4540AE31BA00A30A0465BC9B1420D77A8CC50EE9227A6ABB61490303052CDE70B53912F21FA65C97C0C2077E298472B63F193DD4AC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// QtNetworkmod.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%Module(name=PyQt5.QtNet

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\qabstractnetworkcache.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3076
                                                                                                                                                                                                    Entropy (8bit):5.103856120116643
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:4ITsz2zyMK6yeUQNIHQI8FYn8LiAIlKd1HDNeNxhX6HjoNuNAN+W:B2j/QHYhAIc3HZGxhX6HjoN2Ar
                                                                                                                                                                                                    MD5:12462BA7AFC1475299C74A0DECA3B466
                                                                                                                                                                                                    SHA1:562AA670A1D7A0D469CBEB280CF477E84F587D53
                                                                                                                                                                                                    SHA-256:BC4C7E8DA79E1A71547FF4ABE2A77F3BAE5BEB97DCA8C0419A0A52985B9B8774
                                                                                                                                                                                                    SHA-512:A146F5F00DF96019F887DF3E266438500F1EC01A4340AB98C0B3EDF24D9A0F576B3E1B3A3065B2082068E14DA488325BE5838B304AE0C792F2CB6F6430CFF435
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qabstractnetworkcache.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QNetworkC

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\qabstractsocket.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):10807
                                                                                                                                                                                                    Entropy (8bit):4.977056478297783
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:8Q7yw385A2hXTqKu5XgGEaXJHEhFXRXlCX1X9XKX7QaROMR4RxW3EkuSc:F7yu85A2hXTqKu5XkaXReFXRXlCX1X9f
                                                                                                                                                                                                    MD5:8DD9EFBF6FEF46D96046770A8EEC9C59
                                                                                                                                                                                                    SHA1:13FCBF0676BFD5A734D95686C1372525350453DC
                                                                                                                                                                                                    SHA-256:4B47783D9FD4A075E1EB1B62EC46EBCE9D34570F94561252570F3089BDC3D86D
                                                                                                                                                                                                    SHA-512:FDCC91D025BAD9E8D683C6B3707FB989709A672A1B56F519FA8FA25FB51D7D02590080E3AE65F375EB1B118BC31EF4D341C21E4EA2A77B892658C8D5652A2CCF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qabstractsocket.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAbstractSocket

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\qauthenticator.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1628
                                                                                                                                                                                                    Entropy (8bit):5.0492135386287735
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:pXI098RszhJhXQ6UeZEPSOni/nycK15An7:5ITszG6l/OngT
                                                                                                                                                                                                    MD5:EA978C06DE827777070F5669225CC279
                                                                                                                                                                                                    SHA1:38BD45486F00491D3D89473C819B54350C0AFAD9
                                                                                                                                                                                                    SHA-256:F1A1517FCFC2DC40B996A02A911E461EBCC58FD57F2CF1555CCDCB5A35723DF5
                                                                                                                                                                                                    SHA-512:B6D2B1C0A465538BBC9467EDAFB04AC5D2692D233C44F1F67ABF8D8622B78FA19C632AAA64859E813FB1CF42DA0DB41BAFF793F551BA4109EC79906886235CB0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qauthenticator.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAuthenticator..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\qdnslookup.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4871
                                                                                                                                                                                                    Entropy (8bit):5.10686448447605
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:XITszc4geA6up0A96p6xAGrfH1A6le0UHH1EsyA6C303KX6tAeAMnuUaYAtxOYbU:CV4geapLYBGrfH1Zen1Esy23zTeAMnA+
                                                                                                                                                                                                    MD5:A31DC17CE3A0961261B3341CF8160A6B
                                                                                                                                                                                                    SHA1:3A47EFD2AFA4C9D08FCEF420B0223B4445E32E93
                                                                                                                                                                                                    SHA-256:FB4A4AAADEC2ED67B7828F4B5F303525DA7B97396BF2CF3CE2C12850B4A95416
                                                                                                                                                                                                    SHA-512:02287307C17B2C4F5C8E9DD14B1A6A8D53B1C472C51EA101F0763804E86BF735907A1FB006ACA7F3E1F8BCEACB6228C2A64979DF5271849A457E4E27132EE11D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qdnslookup.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QDnsDomainNameRecord

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\qhostaddress.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6167
                                                                                                                                                                                                    Entropy (8bit):5.178384732133294
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:0ITszJPGQW5RjhLxlW2V1d+Yi5+hvvUercQoYJKdGAxFQWAvk:dUGQW5RjJxldJ+Yq+h3UwcQoY2GoQWAc
                                                                                                                                                                                                    MD5:8216A11813C1DB153B7BF2FA37A2DE33
                                                                                                                                                                                                    SHA1:3A50472EEBEFB2329C0F3E1EB1EFAEB3F71A8550
                                                                                                                                                                                                    SHA-256:D119122A8460A6FC77066100782D5A4B0D96D7A33A26C0E38B1B236E7187DA62
                                                                                                                                                                                                    SHA-512:35ABF124243D5856F69CE2D5C76B9862A3B22A06C41EE16BA7C9C9FF16A341450F11ABE0F51E6FE2635C15AB0BCCF9C24E2C8B1A7C0D282341D3A2C8CEFE8D53
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qhostaddress.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHostAddress /Type

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\qhostinfo.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3099
                                                                                                                                                                                                    Entropy (8bit):5.121592779538777
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:SXI098RszhJhMOgPCGB1qi6BRUagBJdZR7fbi0F9z12ClmqWP/sHIBtsdQ:kITsz6dPCZiMUaGdZRy0zz125bMo0u
                                                                                                                                                                                                    MD5:2F8D968BE50183A0E56C4A379A08EC22
                                                                                                                                                                                                    SHA1:E7BF156C9DF69E07B188B1024CF3940BD31A32E3
                                                                                                                                                                                                    SHA-256:F668589D4FE85296D4832F5EB53D765D3A35D29DFA92DCBAA790365A3A760B59
                                                                                                                                                                                                    SHA-512:D3B91B3D99266CFFAD0AB1C0F77D2A1A440A938F391857685CD214E2FFDD40863D5100D68CF0413732AA489983E6D5EA078AC4A5358F96881824473EEE480979
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qhostinfo.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHostInfo..{..%TypeHe

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\qhstspolicy.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2174
                                                                                                                                                                                                    Entropy (8bit):5.246671451013605
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:8/XI098RszhJhpbHlziHWRl0BCWTdbPYf021HJWZzJWZEal:8fITszPFziH4l0B9TlMRJWxJWTl
                                                                                                                                                                                                    MD5:75FDD2DB0AAF14C4134F1AC02510A5AF
                                                                                                                                                                                                    SHA1:ED06057064CC7D86816AE8D1C68D8B9C979AEADC
                                                                                                                                                                                                    SHA-256:C963E4D7545273017797E086539EAA149C802601AB351A37974ED0CFCB7CD911
                                                                                                                                                                                                    SHA-512:EE029114868178AE007BDD82F92A575EFFFBC18A21778D97B85D928FB31CE4CCED255B0BA8CDB0E6D9632004B4BE409CE040928E01E5CB39E2911F0C555276CC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qhstspolicy.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_9_0 -)....class

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\qhttp2configuration.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1987
                                                                                                                                                                                                    Entropy (8bit):5.1728691101942985
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:eLXI098RszhJhp89qz6R6O63vED2Y8N8+:aITsze06R/a
                                                                                                                                                                                                    MD5:DFBBAFB53EB5E0FA570CC21E84324923
                                                                                                                                                                                                    SHA1:C2763F0CBD228D963D543BDF32E73D45A9A5BEB3
                                                                                                                                                                                                    SHA-256:E3F97257C7D1D25C69C6240D8958D212A3309F6B72FCB37AB89A7510739FB887
                                                                                                                                                                                                    SHA-512:1E4BFAFB03A7E18EE02B38C8DBF048C25DCDE83963D31C8EE586550D35E309B27EE28B1AA4EBDAEF81D6CB709C2009FAE6026D1D348D22AE48D1BFC929B15A62
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qhttp2configuration.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_14_0 -)

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\qhttpmultipart.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2182
                                                                                                                                                                                                    Entropy (8bit):5.1208649558933095
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:CNXI098RszhJhFATClqqh6jrEtE/m/VVjlAT3ysrqKE6A:yITszo2N6jpmjxAGsrwX
                                                                                                                                                                                                    MD5:97F905DB26DF9A64B494AE9B2DC2B5AE
                                                                                                                                                                                                    SHA1:2D23CFEE5FFB67845D9EDFB16971D712E4A1D433
                                                                                                                                                                                                    SHA-256:936F9599BB10F900F6C999F561493941918DBF79B167CA8B4BFE1B51B59E6635
                                                                                                                                                                                                    SHA-512:00652BF02681E2FE7C5B131220147B438CD63E9292BC0206EC91C3D6E94DA228A95082152658BE398307E18E82137FC1776C0735F4E924A58916FAB7E6F1CD4E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qhttpmultipart.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHttpPart..{..%T

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\qlocalserver.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2443
                                                                                                                                                                                                    Entropy (8bit):5.072675719951131
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:sXI098RszhJhDA/mD7R67UagQXvaAQnvZ8vc6vKFx9BpziSZDY0:2ITsz1AEAUaLXgnx80PxzprY0
                                                                                                                                                                                                    MD5:84D421440DF80363BD254AC4619D486A
                                                                                                                                                                                                    SHA1:CF85E335EFE5F8156E3C07256058F542A6A56E2A
                                                                                                                                                                                                    SHA-256:A14804087636E2DDCF6645FE7360C31E5A2A449143A37346454D5E7548417EAD
                                                                                                                                                                                                    SHA-512:2849E637A02D7F239881EE6B62D9AE40141C0C0D7476A1732E81BDBCF6A654675F6A011D0433F849D2A29ABAB175C323AA21C27ABA45363E7142EB3717C8A85D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qlocalserver.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QLocalServer : pub

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\qlocalsocket.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4654
                                                                                                                                                                                                    Entropy (8bit):4.977633917224188
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:EITszHdkX9E806XRu5XosMGNXa/XCO89RaLW5l:tM6XjXRu5XosMGNXa/XC5RNP
                                                                                                                                                                                                    MD5:761C6FBAF9A14B17F40363D9C6594A3F
                                                                                                                                                                                                    SHA1:2CE28A97ADC4167268FDDA0222ABCC5435C73EC8
                                                                                                                                                                                                    SHA-256:440DF7C78F27722DACBDEEB27834F782A3DC7A5FC12ED298D86AA4A11C7E61EA
                                                                                                                                                                                                    SHA-512:4F23DD5F06102BD8E6CE304ACA68B8E90A14276AADBA08FCFF847C051DD6251F7A19C83D787BA2A98770B6DC89343BAE7605148089EC97C7BE8DDCE34AA8A3A0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qlocalsocket.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QLocalSocket : pub

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\qnetworkaccessmanager.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6059
                                                                                                                                                                                                    Entropy (8bit):5.208630860225217
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:hITsz2VAHsr8iL9KFyvFWgzlpFkpZkO4CyKpGlK0ln:ElAa8M9d1znijkPCyT00ln
                                                                                                                                                                                                    MD5:52A7BD7C744FA7E3AB80941D87B665C7
                                                                                                                                                                                                    SHA1:757265D8AA7F0F06F9C91FD9930E767AA85C7320
                                                                                                                                                                                                    SHA-256:8C08CF9931F464D3113198F8E99D02BF04E339708110A0EEAEFB054B751D3A15
                                                                                                                                                                                                    SHA-512:3FCD5AF9CB5BC3398399678E101219D4730E08F37045DEBB949A0BEBD91A8904A0A14E3793AE4E42C8077E018F11826CFB69B12CABE136809C3EBAA9D92358B1
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qnetworkaccessmanager.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QNetworkA

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\qnetworkconfigmanager.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2591
                                                                                                                                                                                                    Entropy (8bit):5.0693990113997724
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:RLXI098RszhJh41A3qnJG5GWi1tZIBL7feHgwshu5:xITsz21A3Z9e/UGHgw0u5
                                                                                                                                                                                                    MD5:CAD2A49B31B41658E09773095CB7B144
                                                                                                                                                                                                    SHA1:1BCBE7256256C5FB14E65C1CA032A776EEF4E695
                                                                                                                                                                                                    SHA-256:BF6A668FF97AFCD263F2A4EFAA9F5B1A3BED709166C9BA73852C5316EC1FEB71
                                                                                                                                                                                                    SHA-512:AD237E4DF698F237D33EDAADDB16C1B62FBD95368F2479B63CA4235F002ABB89BDE63D76C106122405AB8DAD7B19E0AD76BF73B6F5E64580D70C986D12A98AAD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qnetworkconfigmanager.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QNetworkC

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\qnetworkconfiguration.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2906
                                                                                                                                                                                                    Entropy (8bit):5.039126980225121
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:OLXI098RszhJh4jqD6DCPSmA4FTOrS+haqcZ5SPp2oq2ZGZYB36bE1Lxn:qITsz2jk6BnQFEqSn
                                                                                                                                                                                                    MD5:807319A232D07270AE0E8FB49A88F5CA
                                                                                                                                                                                                    SHA1:42954A585D1F8FEEA3BA65A723014B1B91760F29
                                                                                                                                                                                                    SHA-256:EABAD54BA73F27F6A0BA3415F6B859B4A41F7EE81C2EE16B9D50A9D2633DBAB3
                                                                                                                                                                                                    SHA-512:8E08C0AECFF17DEE2AFDC85286DFD09B4DEC5F077BBEDBA54CFE2623A39FC7CAFF06DEB4AA4A78C9B1EB125647D7FB00AB4C30B2A648996A28603B13F4FCE9BF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qnetworkconfiguration.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QNetworkC

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\qnetworkcookie.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2305
                                                                                                                                                                                                    Entropy (8bit):5.053678504045358
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:4XI098RszhJh4IKv06hS8b2XRx4GTy3Nn09oMgBF/Lpu:aITsz2bs6gT93ontu
                                                                                                                                                                                                    MD5:C8F97C19964255FF4B66B77C2967AC8C
                                                                                                                                                                                                    SHA1:8531D9CBACA1E0270E53B84AFCEFE7739492BBCB
                                                                                                                                                                                                    SHA-256:A773B3A9661A0C0F9E36DF1A14767538A725F73ED922EE1A5F9E9330F9A2E005
                                                                                                                                                                                                    SHA-512:D22AE0B9E7AA23C462384E619AA140A69AB231650CBC03F4985021F1802950CEAADB42A0A61D04BFF9569834D8B3013B97AD559E4C7B76BFD28777A543FE4757
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qnetworkcookie.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QNetworkCookie..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\qnetworkcookiejar.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1768
                                                                                                                                                                                                    Entropy (8bit):5.097895173660741
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:vXI098RszhJh4nAo1f/RNAQXigoXCXqXR0wZPpQXSZAG:PITsz2nAY/RNrXigoXCXqXuwZWXSZx
                                                                                                                                                                                                    MD5:2681DCCB01DE0D2E533BA0D21723C052
                                                                                                                                                                                                    SHA1:715A24FD6F009DB2EDE3C6332039D791F7719645
                                                                                                                                                                                                    SHA-256:F62F92E7AE89D846621C43D09FA80C6BB728A87670B6EE914D01203D4A7D5475
                                                                                                                                                                                                    SHA-512:B2B91835467EA1ADBFE743900ABCCB6FDF1BAE621178E14B42728A310D240B9D5C307AF4E51108AEED8F3DCFDE32069508571E3E939FE588FE90EC98CCF8FC92
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qnetworkcookiejar.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QNetworkCooki

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\qnetworkdatagram.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2020
                                                                                                                                                                                                    Entropy (8bit):5.097880238914727
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:KDSXI098RszhJhph4tBA6dBEdqV6H/VckieK91O4sfQwsQkq1YNS:WkITszlO+U68JkQXQ1J
                                                                                                                                                                                                    MD5:16AE56EF47352A5637F49D0851D055F0
                                                                                                                                                                                                    SHA1:4BA4291675351B031731C07A803C46BD4BFD7D70
                                                                                                                                                                                                    SHA-256:BF888C5F497671F61D9989535238750E591C44B4A45D119EDC9007B89BCDEF98
                                                                                                                                                                                                    SHA-512:A31B00E8C90D96C819BD07E214884632A886871E40690F433DCE54191281ABD31FA05CB5875BF5EF8AE2F5996827A56CF4C7E76CE8F9E8E0A2EFE7E217E417C6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qnetworkdatagram.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_8_0 -)....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\qnetworkdiskcache.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1938
                                                                                                                                                                                                    Entropy (8bit):5.137580397536207
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:ZXI098RszhJh4oh/+So6opQ6o+jopQdbZoDNGledrSX6odExe74hAuAwr:pITsz2o1+Z6oq6o+joed1oDNeexSX6o6
                                                                                                                                                                                                    MD5:87F75B306A94319F531B75596C4428A9
                                                                                                                                                                                                    SHA1:0781DA43EBC4214AA2F0427855BE61E478EB97BA
                                                                                                                                                                                                    SHA-256:30FBDD2E61D1270C87D60A866CA083D1912E183D9BCF66CE7F533D35904B4F01
                                                                                                                                                                                                    SHA-512:F09E4052DE86463396EA362379B3CC5FBDF473C74CB18E04997306A34742795115E582CFB524CC6EEBEDEF05E19FDAC3724D0A39BBED749218CC2B9F2AE20C48
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qnetworkdiskcache.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QNetworkDiskC

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtNetwork\qnetworkinterface.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4334
                                                                                                                                                                                                    Entropy (8bit):5.110127289362262
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:rITsz24w65V+EYWU/Qb2ZUIPe6JjXECPZZEYm:mq+Em7ZEWZEz
                                                                                                                                                                                                    MD5:4E9E6F0DE58BBE50F38EA6B1F211F876
                                                                                                                                                                                                    SHA1:DD67A6525C63A81A326CD65C80D3F99EFEBA0AC0
                                                                                                                                                                                                    SHA-256:69B7B0FD1A5B968EBF8EB113358C1A1172B9C15F301EE21BBEAF51F334789E88
                                                                                                                                                                                                    SHA-512:3A8B7FCE2B2D0479ADA17DD86463675C5126BF8ABA7325E2303E6FC5BB26EC4FFCC091F8B8744526102D39680858425437D0DE71123D466721812C94DCA59A82
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qnetworkinterface.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QNetworkAddre

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qdial.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1918
                                                                                                                                                                                                    Entropy (8bit):5.072703798949797
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:o098RszhJhxWZ9P3yChJ3QFNdQbTN8UQXLEK2Ieephe21:oTszixRAi3NYXLEK2Ieephe21
                                                                                                                                                                                                    MD5:1D5B1B643E445AA199D7BC278061E330
                                                                                                                                                                                                    SHA1:D509837A8ABEBAEFC92DDEC18ED24718C7855E79
                                                                                                                                                                                                    SHA-256:AF2F6738C1E00196335383F3F281EF0DC5C738D1D6531788211B0749E545CC3C
                                                                                                                                                                                                    SHA-512:B27455D43B05C8BD25B9087942332FDE978748483AB524855D0F98AF5DCFF8CBF67971833A0307403B38D858503FD041E850175C84ED41CC1477AB5810407D4D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qdial.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QDial : public QAbstractS

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qdialog.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3491
                                                                                                                                                                                                    Entropy (8bit):5.000804777043131
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:CTsz9q3xPihJ7iwpuK8s/zk1euK8s/zk1We76h6qJhSKguXS:Ukq3xPihdiwpb6ebKWfMIhSKguXS
                                                                                                                                                                                                    MD5:4D8ABB26DD835201CB0DDCEF75D802E1
                                                                                                                                                                                                    SHA1:F71553A9174ED2D42D897A4D17E1884AB5A7DD80
                                                                                                                                                                                                    SHA-256:55933B969BFB279B3F2C092BBDCA428CB804193BAE450AC64E6B7109EE35980A
                                                                                                                                                                                                    SHA-512:B951AE28445BFC58443ED880EA8C98E1CB0730F104640394EE1DAFE0F80FEEA14C762AB944DA90B31A02AFC0C1F1E181D1B16F2450CEB9833AE155EC4F44D5E8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qdialog.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QDialog : public QWidge

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qdialogbuttonbox.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3883
                                                                                                                                                                                                    Entropy (8bit):4.974042836286274
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:JTsz+yy7AKipB8r02juk2GzV1e8/IXdp0:NpyVpBv2jupGm8/IXdq
                                                                                                                                                                                                    MD5:8B8076E43DFB9022058262F881CA9B27
                                                                                                                                                                                                    SHA1:FE5EFD4551986CFF11CC8AF55D4E66F38A9356E0
                                                                                                                                                                                                    SHA-256:F73B91E4DF368A1260F1C956AC826800972966D00E87A575ABDA293C143869BC
                                                                                                                                                                                                    SHA-512:84C07DBD1D465CD15D0EA681CEBAAEA885D5EA8449C3826A11EEC1CEF1569AC605735733AE48B049374CF459EDD515B6207875AD5CEC92A9D74B487DD297F74B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qdialogbuttonbox.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QDialogButtonB

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qdirmodel.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3741
                                                                                                                                                                                                    Entropy (8bit):4.990903950603874
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:CvTszEOVf+agPDNTknX9XnXMh26FRQXlyRYayJQCGZ4R+Xl2:4O+a8DNTknX9XnXMhpFRQXwOtJQCGZ5M
                                                                                                                                                                                                    MD5:950C5947B36CC3AC339B5C7E89A53074
                                                                                                                                                                                                    SHA1:8B225F9641F4E5CF24A729F3CB82C8EB018F351D
                                                                                                                                                                                                    SHA-256:2C67672B22ED2E6B9604469289D01B83E2CE2ADFEB910A05211C49BA3240F36D
                                                                                                                                                                                                    SHA-512:E537F9651C73CC2F14708ED55D7AC50C1A50954C1B6AE61139327707E4AC2B609B5A364A2AA5B31476D7313623C21779810E6EF4A13996984394386CAD8BC805
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qdirmodel.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QDirModel : public QA

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qdockwidget.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2882
                                                                                                                                                                                                    Entropy (8bit):5.074720786118968
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:5x098RszhJh4PqJeyQPXjLFOLcRDcxawcekGG0Ze2cxLctlQ/ItIlIXd0WPxg:5xTszmUerPXjJwADW32YzWLUy/ItIlIi
                                                                                                                                                                                                    MD5:214DCE532429A2E4279BA2EEF0A5F716
                                                                                                                                                                                                    SHA1:12351B7B4D7E0B825CA96FFD5553F37FB60C0892
                                                                                                                                                                                                    SHA-256:EACEF23C0E424489E8528F69AA907F5F62A3E1A3914D3A8B2DF2A71ED29987E0
                                                                                                                                                                                                    SHA-512:CB69E53D9B040245C7EDE6A70183EF13E5F654025C68385A4FDF5DE3DD32E79F2AC2336E0F12D1C7FA4F03581CB95BF05051F64EB7B977A6D0617F5B0A0BED3B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qdockwidget.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QDockWidget : publi

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qdrawutil.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2769
                                                                                                                                                                                                    Entropy (8bit):5.0328520246425725
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:8098RszhJhsNlP82VlUobKTowlyKTlq4KTBQKTC9Ksx5s:8TszEh82V2y+Ro+E4+BQ+azS
                                                                                                                                                                                                    MD5:C1059F2331CF5EDB1E6873EFEC9C4CF1
                                                                                                                                                                                                    SHA1:8609F3933024CA65413B5D5E868E5A94B6AE8950
                                                                                                                                                                                                    SHA-256:75BCEF58B6789775D6C55C978360097CE280F5B9178B6E5C8EADE29A4EFDF774
                                                                                                                                                                                                    SHA-512:E4430DA79F45A5636E2A2E41544BE01E783B2EB84D728BCAB4564DC915A5C36C2FDC309186BD7BED7582608E5C3E882CB4F388949D11F315C09E3A787618A810
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qdrawutil.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%ModuleCode..#include <qdra

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qerrormessage.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1437
                                                                                                                                                                                                    Entropy (8bit):5.127295668281338
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:ecR098mXIpmNDzVZRURU2SnOkSS1RqFgcaeCaiJw:R098RszhJhfqCneRiJw
                                                                                                                                                                                                    MD5:4DD547CBDC5A0A287F906D6B85CD7393
                                                                                                                                                                                                    SHA1:5118CCDA424C460C44A4FE8250B8CF9F9653FAC8
                                                                                                                                                                                                    SHA-256:625C32292649ED5AF131B6A2A1F514257A07DAE7F7C184244830C32A5F557164
                                                                                                                                                                                                    SHA-512:678ED29E75C9DA796DB84AB445F58E68EF597E9C939D826ED3E6732CB1A631D3A078D00B862B49AFCC93C74247DEAC6550FF1BF5496832A3D59CB784EC92972D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qerrormessage.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QErrorMessage : p

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qfiledialog.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with very long lines (331), with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):12969
                                                                                                                                                                                                    Entropy (8bit):5.038397698762568
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:KbU875NSt+gxf2+p78NMrke8068WFt8m7T8WmB:Kh5NSt+ghWFJ7H+
                                                                                                                                                                                                    MD5:A58F6118DD8CC302586814F349A8A1E3
                                                                                                                                                                                                    SHA1:13D1EB8D9FEEF13DE110364065F716AD4FB3CA80
                                                                                                                                                                                                    SHA-256:F12A0554F41EEFCDAEBCEEC3732C774B5E338B32565AEAA3F4B5330760A12436
                                                                                                                                                                                                    SHA-512:064FE43EC737D389E71457B4EC31DB66EAF35417705450652B0AD901B50007AF630E6ECE0C56391221536FE7EA778CCE71C73B36223EA19E5965C7C880AF4766
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qfiledialog.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QFileDialog : publi

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qfileiconprovider.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2011
                                                                                                                                                                                                    Entropy (8bit):5.13494542074036
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:Fy098RszhJh9PKLUTwuR3dDs+EQdqQjS4KwmRtEblcEQ7VVOT2:oTszryLUMYp5nbJIuiNBVOT2
                                                                                                                                                                                                    MD5:09E438D36F4B55C01751D31B1FEA6FCC
                                                                                                                                                                                                    SHA1:B456B43236D8D08A41487966D0077608490A5C9B
                                                                                                                                                                                                    SHA-256:32FB40F9A364057AF89D197E787C997AE3095D5731E1858FEF53104E6ADE44C2
                                                                                                                                                                                                    SHA-512:14296FF8AFAB1EE44F51FC5086AE225F1EC9C1FADBFDA685740975A0BA0CBE2280E59163D07C686E091FBA0E12555DE9731D37E7CE5926D986BF6CD6969733AA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qfileiconprovider.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QFileIconProv

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qfilesystemmodel.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5224
                                                                                                                                                                                                    Entropy (8bit):5.039783637228912
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:mTszaBeagXXXMXmrNUHn/nXkMnh26FRkXlyRYayJU5CGZpJx6Zzz9XdIxoH4nG:4DeaeXXMXmrNqn/nXkMnhpFRkXwOtJ2a
                                                                                                                                                                                                    MD5:D7ED37EDD77CA9C9912E8286418BED96
                                                                                                                                                                                                    SHA1:F46090A670D67B9EF09F75838E6C368A7249EC59
                                                                                                                                                                                                    SHA-256:394A8A008C37350091A0518463B119C56B40FB874BB91AE310B1724B7CCF0899
                                                                                                                                                                                                    SHA-512:CA58CEDD3DCE1EB877DF4D17739DF5D58DEF5F5EA24F04CEA2ABE14BC24247E7FAFA807DA75E752AB1FE75DB08823D5DEFABCF2B86A47F0DAE2662BBE4C80CD0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qfilesystemmodel.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QFileSystemMod

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qfocusframe.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1431
                                                                                                                                                                                                    Entropy (8bit):5.138525178747192
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:+cR098mXIpmNDzVZRURU2SnOkLwB2tISmgMQX0XLM:x098RszhJhikIjgMQX0XLM
                                                                                                                                                                                                    MD5:705216C08147C2C624CB02DC6D4684D3
                                                                                                                                                                                                    SHA1:DBB47B2ED4229CDB3A52B9CABB0631D5A973BF60
                                                                                                                                                                                                    SHA-256:08B8930440DB47281B09918BFF86C099CC7A899C18D2F08364D2ACCFA28348E5
                                                                                                                                                                                                    SHA-512:38BF59A2BC98EB22D0E2E4FF554D29ADA83E38C62A80A2CAB4BFE12D66EB7CE470D23D85C56802600B4E7E277E026EB4846E9738DDB168E485981D0DC3037EA9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qfocusframe.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QFocusFrame : publi

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qfontcombobox.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1986
                                                                                                                                                                                                    Entropy (8bit):5.103035681982703
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:LcR098mXIpmNDzVZRURU2SnOkXeyoxs0xfX2hThPGx/QFNdHxXqt:M098RszhJhXeDxGTVW/QFNdRXqt
                                                                                                                                                                                                    MD5:1BAAC0B47B6F03BEE1D59390B1643B2B
                                                                                                                                                                                                    SHA1:4B82A6E4F9F897AF688CE72C998005D3A3BE0C14
                                                                                                                                                                                                    SHA-256:9AAD0581A6E5CB7ACEB29FAFBFB970001102DB161F8826FC9FB5C5AAD04A2572
                                                                                                                                                                                                    SHA-512:86A21D458AE2588226BB1F26090E1642EF2C0DBC72C3DA419B817DCEC38A9EAA2DED6D30281BFAABCEA887F49BAECB83C8A7B264299D8D42301922F3170255F9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qfontcombobox.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QFontComboBox : p

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qfontdialog.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3212
                                                                                                                                                                                                    Entropy (8bit):5.075682076494364
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:t098RszhJhPISW1QLrHt2oJxXSxVA1AbQ+0F+LRpPZ:tTszJgoJxXSI+0odpPZ
                                                                                                                                                                                                    MD5:4ECB752CBD259CE3786E679530FE3B25
                                                                                                                                                                                                    SHA1:A45D997E2B44F8020493BF776E5944770CD947C2
                                                                                                                                                                                                    SHA-256:446CBE2EC42630273ED3F06FC6FF4B4182DA6C7276DB016C468AAC9F76E6EB58
                                                                                                                                                                                                    SHA-512:46ECB2843FD4A283BF07E24B8D2CCAC2B5D8A8FBB1FF9AC32CAED97F48C18442E737981A0098FC335FCD51F50B09DF65D8768832668A912EB311161304C8D735
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qfontdialog.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QFontDialog : publi

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qformlayout.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4853
                                                                                                                                                                                                    Entropy (8bit):5.077069459240732
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:yTszDaGj0JneyTprsVZqVZEVZ4/dehNiSXqGONcqian:EqaAaeyTpryZwZ6Z4/dehNiSXqG0cqia
                                                                                                                                                                                                    MD5:D5C9F59A5503D4C5DB6FBC42C85EC1C7
                                                                                                                                                                                                    SHA1:9954292108EC40842DA83E776C0FAF7FC943C029
                                                                                                                                                                                                    SHA-256:D1CA9153BE861089CA4E45BE9BA83E6C01F3BAEC392177663BA18087F01D9928
                                                                                                                                                                                                    SHA-512:D9995D6681F017A1CBDB9E2AE7F514E5AD509C68A45D6D51A5E54EE467626DB9AE375281B4CD430DEA175FE1480F88B21A662635E732C56D1A8D2D968735D0B4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qformlayout.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QFormLayout : publi

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qframe.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2226
                                                                                                                                                                                                    Entropy (8bit):5.017954755235302
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:J098RszhJhApc8nhQFNdurgAQufGIXL6UylDn:JTsz6pnmozXL6bJn
                                                                                                                                                                                                    MD5:4A336AEC55C0177C6F8438303B066A4F
                                                                                                                                                                                                    SHA1:E815F190A3408E89110DA434694FAEF9E5F9F159
                                                                                                                                                                                                    SHA-256:84CF28152D02AA0370D4119AA26E8CBB86E7326A043EEA15608F3B0E37B20745
                                                                                                                                                                                                    SHA-512:662E29E118C67643795A6BD3A353CB29E739C4DAC9E92D68F12AF3F299A51A73C30720151603D0BDF483E73243D7378919499D4BCF233D4BA275084C07BFED33
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qframe.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QFrame : public QWidget.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qgesture.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5563
                                                                                                                                                                                                    Entropy (8bit):4.990113643499662
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:bTszkAvKVuBz0Knk/8GpQkSKpKok+r88BXb2KA0KU1K2Njsmz+7Tgo4Hh8ql:HRAyO7kRpQktpKok+BXbpA77kjfD
                                                                                                                                                                                                    MD5:B6D6DF36A100811076F58EAAE73E4E1B
                                                                                                                                                                                                    SHA1:71435599C0C9878EAE0F902CD643C7CAA6CBBEAB
                                                                                                                                                                                                    SHA-256:CB087583AEE911C4F9153B08A5D0A9615E4492ABD73866009C2700CA0F1EB95E
                                                                                                                                                                                                    SHA-512:B000C1A3F915726B8199BD15C4ACC8968F76E5FA732463A61E9AB7950B985195C5B4BF21D2BE3D4D77507EB99D6FD7581DB06026F90CAC38B2B6FCE045C294DC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgesture.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGesture : public QObj

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qgesturerecognizer.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1907
                                                                                                                                                                                                    Entropy (8bit):5.086782850976498
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:OcR098mXIpmNDzVZRURU2SnOkjhpVwkwZi2fevX0CD/OIk8kCk6TL6ng64tUGaBw:h098RszhJhd6ZBJnzCDTLHf5aS
                                                                                                                                                                                                    MD5:B39C442AA3B9E176BFB86B38E5F36506
                                                                                                                                                                                                    SHA1:FFD5A25665792FF4370514A7B50C631A53B75133
                                                                                                                                                                                                    SHA-256:06BA81A9802FDA1835299A3B70286372B276DEEF79332FF1424BAE9D1E7B8134
                                                                                                                                                                                                    SHA-512:CF7FC343473F9EDD6123A3A50601BDF9234445CE5AEA0083B781CA17CF3F368FF9DFCA6B19CFA641106878BDDA4CD97D46A7C3D66EDDD482A5BA3FC5F545E942
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgesturerecognizer.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGestureReco

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qgraphicsanchorlayout.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2821
                                                                                                                                                                                                    Entropy (8bit):5.124668444378715
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:Y098RszhJhlAU4xS8wkCU4xLjVVseIboxRsYIy6keIljJQl1zQmIQqbl/G:YTszbAU94CUGjVVNSoLB9ve3l1UmDqU
                                                                                                                                                                                                    MD5:C9B502BD024E98B8177BCF9A37E656C8
                                                                                                                                                                                                    SHA1:BB1D3040F94D42145CF2391800078B8A5B280475
                                                                                                                                                                                                    SHA-256:E8B6BC8404E8C658349D20F9162EB923BBAFE04F0FD977706D08538C16E7BE80
                                                                                                                                                                                                    SHA-512:60379558ACC46DF2CBEF1815B10A9E440ACEDF54D4C6F08D160E35712ED0F8AEB210CD32182EE368BA8EBB25AC89401BA94E68959D7BE9EC09200594EDD3E9C4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgraphicsanchorlayout.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphics

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qgraphicseffect.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5451
                                                                                                                                                                                                    Entropy (8bit):5.10326412943376
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:uTsz3AULj6z5xfyNQJZSl+E7g2AU4W08AUX3E6qoE2VjXTAUW06qJadc6AUiK9I:AIAg2z5UNhlX7nAxN8AK/qovFDADvqk+
                                                                                                                                                                                                    MD5:DA518539420170B8DC172B73ED4CB1C1
                                                                                                                                                                                                    SHA1:D00BAECCF5CBF6190F4D87668CB9F8CF984A42E1
                                                                                                                                                                                                    SHA-256:DD895DDB4A945BE81984D05A44FD7821C101FB48C98678E19AAF8C0A2CE47EBD
                                                                                                                                                                                                    SHA-512:69343C77AD30A9A85BC410537DA143CBFED103CAD7877AF9A298816A97D23674739E057000CFAD88EE1D9263F571C03130D0D97FFC4188E0391FA97F9F8C88D2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgraphicseffect.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsEffect

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qgraphicsgridlayout.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4314
                                                                                                                                                                                                    Entropy (8bit):4.970342752696393
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:TTszOCU0jacF4F/uBnBDBsBL4UHJmUmDxjfFOj1vmS1zI:fazVBlskUGxkmS1E
                                                                                                                                                                                                    MD5:3C4029507C52442076BF8B68232CAED0
                                                                                                                                                                                                    SHA1:D1D34E47165A17CD71AFA7F2FFBE32A7C1C1B2E7
                                                                                                                                                                                                    SHA-256:E464841812287C8B449404741114E5066E55093652570E7E572FA5BB6CC03248
                                                                                                                                                                                                    SHA-512:30A16F3541274A38796F4E56C961FD711AC430BE0812874B9ECF214323710E2612A60BD9D98B898E65A482072600C33FAC5319FFCE3295B47521750205212DD9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgraphicsgridlayout.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsGr

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qgraphicsitem.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):27750
                                                                                                                                                                                                    Entropy (8bit):4.944497651172094
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:47WNXmLsBYkiKilryU+2GLtpx11111I1b1ZwPwsDW5c0g/0wWo2/:KuniKilrW2apmjg8oU
                                                                                                                                                                                                    MD5:C82BF0238E6259905C9C18C5665AF2C5
                                                                                                                                                                                                    SHA1:13EB331DC8DAA5EC2A1B4B84B4B7E8B26E0F2D70
                                                                                                                                                                                                    SHA-256:DBAA83044F09F61D667790EB03E9B4DE297768D8173E701A090AB02113FF9E7A
                                                                                                                                                                                                    SHA-512:5144E0FF4CFE8A6120C2E9C764A35D759C507DC64C87127BC767E4153761FF3A2EA6E26AA4C42A91B3401347FB24188A1140975229F11F2E9A5BDA244A03BC8D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgraphicsitem.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsItem /Su

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qgraphicslayout.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1782
                                                                                                                                                                                                    Entropy (8bit):5.105894217732892
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:am098RszhJh1+ALXpxMnjKb1Ng/QSBSmxWDKb5:amTszP+8XInjKb1W4SBSmxWDI5
                                                                                                                                                                                                    MD5:14690424877238DF9D07C0C830489580
                                                                                                                                                                                                    SHA1:29A97303198477434E8E3ACA971238714479DB71
                                                                                                                                                                                                    SHA-256:514E8C0E75AB98D5C948DE65D83BC2161AC38FD02D4E440A1462C3B8E4345584
                                                                                                                                                                                                    SHA-512:43FD27DF067B43940A4B78A7CD142FC334C3EDB578B83731FB23AE985417A8417344F45745B37871AF38D667A4719B9EF94F4463AA56A963C034FB067B59D0F3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgraphicslayout.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsLayout

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qgraphicslayoutitem.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3163
                                                                                                                                                                                                    Entropy (8bit):5.089331795713423
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:arTszPS6X3CXKOBZB7Bhv0sXDsEyY6nEzz:aXaq1bdhv0sXYY6U
                                                                                                                                                                                                    MD5:FB99CEAF96AB91DDFD45FB48D7E1C85F
                                                                                                                                                                                                    SHA1:8303F408E8948DAFADDC8AF1237F90687AED4862
                                                                                                                                                                                                    SHA-256:9670B3163A487C765B05C879ACAA0B3D1E3D633902842062E82BD0B679855C8F
                                                                                                                                                                                                    SHA-512:4D1A2CE1B8480449DA22EF3AF37F97E8C12C7BA8AD70A5B702C96034F51B41687947F3F3AB215EA6CB39BBF03A0AE7E35F5AA4850EB88BF5E95272E4E770A759
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgraphicslayoutitem.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsLa

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qgraphicslinearlayout.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3236
                                                                                                                                                                                                    Entropy (8bit):4.9806007104087175
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:ETszPCUGVjhjriexjfeOR1vCf2U/1UmDSU:eP/3xfe1UGSU
                                                                                                                                                                                                    MD5:368575E6A4C17BA401DA9FE0F5B893DD
                                                                                                                                                                                                    SHA1:1B0FCE1003B175ADA4B19EF59EEAF96858193E65
                                                                                                                                                                                                    SHA-256:DB4DF5D1EE219DDBABA39E06A7B352159FF15F6F6520D6D22E89DBAB4DE81440
                                                                                                                                                                                                    SHA-512:44A203485CB3A2B0DB04422C61251A3839322AC0FB65964A70DCB8FCC08ED83C0D271512394498F7E7277277754CD56787E18BC43BF681C2FBADB94A6F172715
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgraphicslinearlayout.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphics

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qgraphicsproxywidget.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4015
                                                                                                                                                                                                    Entropy (8bit):5.040717175576262
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:dxTszDU7a7FUxzcO1gkPXdIXSIVIvI4I12Iw2IE2IaIIIIRIegIZIDI6IGIIIHWQ:/EsI2cO1gkPXdIXSIVIvI4I12Iw2IE2b
                                                                                                                                                                                                    MD5:7E13271E3ABEDAA012526630A82C9FAA
                                                                                                                                                                                                    SHA1:6BC070672B966C640560EB38EBFBA48F44B1B6D5
                                                                                                                                                                                                    SHA-256:39CF87F0FF6738F2A8C3361813D1BFE544A079C898BC86211045D0D76DDEFBDC
                                                                                                                                                                                                    SHA-512:DF652DE74378066EBE95461D7113524EF67DF5C710E29DB617C6EB39AED5B5B72746C0675991A4B8D22A3C5A90E82A9A7448E6566005DFC1B33537191C74507E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgraphicsproxywidget.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsP

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qgraphicsscene.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9318
                                                                                                                                                                                                    Entropy (8bit):5.064732477501536
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:XRAqzPhXNdRiJJaWuO0y07d3XdI4ItI0IDsI6IHWIqWI4IGIIIbIRIZIDI6IJIOv:JzuqWuOw7d3XdI4ItI0IgI6I2IfI4IGe
                                                                                                                                                                                                    MD5:D4A287DA3E32FA8BAC0943C6008FD97C
                                                                                                                                                                                                    SHA1:9E8118A401A8A0F69D82928B25040AAA7774E6EF
                                                                                                                                                                                                    SHA-256:A94CAE6B323A0FF72E92C36E9D7E58093EC1748D2088280FC49DE93D7E463565
                                                                                                                                                                                                    SHA-512:54FF76B547BC60961EEC72EE9FB0B59128F984AB1C9C46D1AB8161C0AC1B5FD02C905538A8F040A1FA153C25B6C6997F3C29A217093229AE276F106EDA99F0D1
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgraphicsscene.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsScene :

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qgraphicssceneevent.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6918
                                                                                                                                                                                                    Entropy (8bit):4.974871927121996
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:VTsz+EY8vJK+8vANowAJoR9moIoARuoNs2AntUAPo8yzyEdOyiOLJ4UQ60DUN6RU:J38vJK+hqcupRvsb/OOyiOLJ4u0lRo
                                                                                                                                                                                                    MD5:E5061FF826B586183EAC1B852E5FB72A
                                                                                                                                                                                                    SHA1:C5625E4B59610BC1443577DE30F290CBB483104D
                                                                                                                                                                                                    SHA-256:542D863111C9D3EA9D17C87679A87D2F5997F475BE5E558D53E5F7DA274A71B2
                                                                                                                                                                                                    SHA-512:3D9420DDFF464986B2AC8807F543B9CD8657A85A8F6E4CBB7D59F6885CD6096FCDA5C6FA68DDA5C39EA24AFF1DA58EBA50CC18E25F1878A02E49A82D2A85AC01
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgraphicssceneevent.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsSc

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qgraphicstransform.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2549
                                                                                                                                                                                                    Entropy (8bit):5.150387215565499
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:D098RszhJheAU1FdEUp1bFtxFmUWEO5B01sBQf6B6uBYKEOA:DTszIAU/d1ptDM1B0SBQf6BXTk
                                                                                                                                                                                                    MD5:25B3360B576FA471026F88EFA00E51F7
                                                                                                                                                                                                    SHA1:B53C51278580C05291108C1977AB6BFF4FD2186F
                                                                                                                                                                                                    SHA-256:EF3D983196E6CCEBFBEB17EB19D17CD32C3F8BAD383B533C5E2AE7D9CE91E25A
                                                                                                                                                                                                    SHA-512:9ACA8175754DA42AEC363AFDD05815C7E97685F8ED0AE19A9DCB841FF36F0EB452D2B3BDDDEE1AA15D426FBB93B1E8419F191BD63D3C108BE5EA68C05249C216
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgraphicstransform.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsTra

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qgraphicsview.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):8617
                                                                                                                                                                                                    Entropy (8bit):5.033824018871672
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:EEaPzwEaYD2UJjjo/5JxXdIXXIpIdID3FIRIxIHWIqWIXyGIII2IOIcIkIxIlITQ:naLrY/5JxXdIXXIpIdIpIRIxI2IfIXym
                                                                                                                                                                                                    MD5:E1B121B804D1EA7FF09F01B19F9722C4
                                                                                                                                                                                                    SHA1:B7AFF6428515F71C2DA1F85DE5C619DC0EDD9E6B
                                                                                                                                                                                                    SHA-256:DB886F7DF8358D52643C62A303C2246D8F91747841F5303C553A6F71BC328C00
                                                                                                                                                                                                    SHA-512:76540E5AD4112040EF67D2EF468F2C4641448140926DB08723E8046E85080E12A03A4C5E7972A2B039EDA495E6BC40416B77B5A470E5D45882D1005F2DC4D431
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgraphicsview.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsView : p

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qgraphicswidget.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5631
                                                                                                                                                                                                    Entropy (8bit):5.006399537196519
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:/xTsz08hQER22N1vMxZmfpfB6bRmLaA/yDyPX/IX4pCXdI/ItIHWIXyqWIvIwIzu:d8lPvMxZQZB6bRmLaA/y2PX/IX44XdIv
                                                                                                                                                                                                    MD5:A8CAA2E3639F4BFD3A3BB9B2A5A56E67
                                                                                                                                                                                                    SHA1:EF737A51AB6156C965E74076E648B36C4FECC286
                                                                                                                                                                                                    SHA-256:D2636F135BC39DF0CA74C1226966C9638D941965082A717368E26B5D60869B55
                                                                                                                                                                                                    SHA-512:4043BC433708E54AA1F4A93DCD1FF4ED6D1DD7D8CEC7E6281FAAC07631D416A74473035C98AD1FEEAE325001E8EDA38F91BEB7A63EDFA102E519B09CDA30A2B4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgraphicswidget.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsWidget

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qgridlayout.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5688
                                                                                                                                                                                                    Entropy (8bit):4.872175829316069
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:MTszx76Z6iN9j1hrmXqymONjo0AxjPWwjPeo/AxjPWwjPso+AxjPWwjjSt/ZyUSE:mQuEiNHoXqym0jsjewjG9jewjUgjewjS
                                                                                                                                                                                                    MD5:11A7C85D1D7286EA120CD07DD63A2D31
                                                                                                                                                                                                    SHA1:8F5CF5911B305C467D15AFBC5C94622DD102676B
                                                                                                                                                                                                    SHA-256:683FD2E709103B64862EB7484B85A9FDAFC55F99F0BAE5A268A2F525E5BCC4D1
                                                                                                                                                                                                    SHA-512:29B942591BAEF14D76B72E121877F4A9EF10EF55BE78EEB4305676E513C3400050993C9E8C973F41B5753F5B929DBB7152126B90A68E82A6A4746E3FB5F9DA81
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgridlayout.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGridLayout : publi

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qgroupbox.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2183
                                                                                                                                                                                                    Entropy (8bit):5.07432283308248
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:m098RszhJhsapxZDn0JbSThWIcQXie5g6HRseDIcIkO:mTszWatDYRIvXie5g6HRseDIcIkO
                                                                                                                                                                                                    MD5:EACA530CFC57759FCB87FF32A9B311F7
                                                                                                                                                                                                    SHA1:1474A375D07FD8E71C3F847B68B30B092AB18463
                                                                                                                                                                                                    SHA-256:722B29AB568DFAB02CF9835290D357F9EE12B0E3A3E7547A34BA153935DB54F2
                                                                                                                                                                                                    SHA-512:12FD7C9FFCA926F4F1169FE62A8AAB58AA740B570A51675414260CE42D504304D6A005E6EF6B9F2105973DE229F5C9765742F376E7BCFF20AB7A890DB1232347
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qgroupbox.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGroupBox : public QW

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qheaderview.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7213
                                                                                                                                                                                                    Entropy (8bit):4.890505134922737
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:MF8yU/lniSQ4JcXLXhzCsUqU2kyCUcU82jXVJ0Ca+VpHJZn:m8yUq6cXLXhzCsUqU2kyCUcU82jXVJ0a
                                                                                                                                                                                                    MD5:087A1DB88C8C67EEF7865B84C7900780
                                                                                                                                                                                                    SHA1:3ABC10FDC42D04B0E4D25F589D1F03BA15BC1752
                                                                                                                                                                                                    SHA-256:306793EF3DCD4A6752AD688A2AAD93D868C39EA643CEFC8F80ADDDF70734BB49
                                                                                                                                                                                                    SHA-512:83EC94360E0E40262C99052A132455EA8E5181A47C0F12E856E55C7FFB1B99833AA9583D17C9AB56CE5ED49EBBFF35B52EA0766C01F80E53FFF4CB166D08C6F5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qheaderview.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHeaderView : publi

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qinputdialog.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5926
                                                                                                                                                                                                    Entropy (8bit):5.102562480553656
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:mTsz2Roll3h97r7DvZgp9X/3HNzn8z29+0odpMiPtcV:41k1vZgp9/3h+0IMiPtS
                                                                                                                                                                                                    MD5:E8498541E3F8E294E3403F691C2895DB
                                                                                                                                                                                                    SHA1:408FDA749D79FA0C809378F8E61B228C129A4F9F
                                                                                                                                                                                                    SHA-256:0880D51D359CD9FC79A5AC8ECEB267F614DCF671D9951127A5A6AF8DC1B39F97
                                                                                                                                                                                                    SHA-512:C5FF9E62CF8688951DC8328A629709182217B303D8BA4FC745AD22743035CAF4F5DE10019224404313366A2F039F734D5752A7E0CD4997EDE877BB28BDAD52C9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qinputdialog.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QInputDialog : pub

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qitemdelegate.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2989
                                                                                                                                                                                                    Entropy (8bit):5.052853287347209
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:wIY098RszhJhAMZUiOQFNnQ+xQfQDjFdgIW3JQpsFQxh5TQxZ5QJGoQXSIXb:9YTszsi9Y+WYDbWSj2CQjXSIXb
                                                                                                                                                                                                    MD5:E6B2018DAAC7A7F3E706DD0B2B2E4A5F
                                                                                                                                                                                                    SHA1:F5FC349B632528AD128B527A8E1A2A919914DF0F
                                                                                                                                                                                                    SHA-256:1C3B35772D16F5929DB45AD5890E2CF4DBC170B9AA2E873A2F164700AD65C179
                                                                                                                                                                                                    SHA-512:C4AC866BACD07E82D58D149EA73EB7338AAAF3A301C00D6285332DDA040A79F8EE783138F40B04F99524FFAF275EC21723E13359EBD1952061C415EF8BAC50B1
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qitemdelegate.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QItemDelegate : p

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qitemeditorfactory.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1849
                                                                                                                                                                                                    Entropy (8bit):5.113119598266787
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:wIrg098RszhJhOwLdS5Xl8vtLdnI5IhQtEYkmXj:9ETszhYdl81CumtxD
                                                                                                                                                                                                    MD5:CB95163C97308A9170CC5C3273BFBE06
                                                                                                                                                                                                    SHA1:E708D52600D84E0E2BF2C8A5C0BACEC0C363F722
                                                                                                                                                                                                    SHA-256:C42DE14BE347BC8A08A75CC8504DA34AE51DE8533FB2766D8A9C80FCD6933806
                                                                                                                                                                                                    SHA-512:6D194F73AD1E7B03BA810A25D003EFD6C8B0706C78BB613C1B82AADA220B0963A50E1F63ED9EDE92F0D86B4561E63239B09C3B0B2F5533F8D1B30F0CE08EEB62
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qitemeditorfactory.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QItemEditorC

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qkeyeventtransition.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1607
                                                                                                                                                                                                    Entropy (8bit):5.122803400744684
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:c+cR098mXIpmNDzVZRURU2SnOk/1OCxqKLxA4Ck5SBSl/MAHj/d6XVnO:cx098RszhJhPqkAZiS4l0Ej/IXdO
                                                                                                                                                                                                    MD5:AD339FDC7945C409984979C66770E76B
                                                                                                                                                                                                    SHA1:F0A7A0399955110E2CEDEAF565639A5E38F86B7F
                                                                                                                                                                                                    SHA-256:F6BD9EAFB1363297BD337ADC7C2659E158532E212D0DAB3A63F4C0C96FD0549A
                                                                                                                                                                                                    SHA-512:4F53CEBA77BCB180661F7584874FA3AB743D80195FE6B3E9600797A4CA3442BAC4CA90A763B42E6EF991719885FE070481C376101EDD337FA0195989B750D751
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qkeyeventtransition.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QKeyEventTr

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qkeysequenceedit.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1741
                                                                                                                                                                                                    Entropy (8bit):5.1497827692058955
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:ncR098mXIpmNDzVZRURU2SnOkpml/B2+xCtPQvBkXihDA:g098RszhJhpipdCtYv+XihDA
                                                                                                                                                                                                    MD5:549803BAE6EB0498DEB6D7C3D91ED5D8
                                                                                                                                                                                                    SHA1:8D9D281C0BC4CA5AC5267B8536A1ABAA42782E20
                                                                                                                                                                                                    SHA-256:CF569F044E928F0880DB40643F006759F7018EB693623C282049B3CF8E114DB4
                                                                                                                                                                                                    SHA-512:75FCC901EC3F49B2AE574BDFB91FD8920E8EAE90E355D71F9533BB5AAF202034998DE46CA29A9D076F2D97D514A83F941B1EFBCAF00DB1894945396D26E20700
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qkeysequenceedit.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_2_0 -)....

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qlabel.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3282
                                                                                                                                                                                                    Entropy (8bit):5.0069420215161555
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:6jTszltYBZCiXKqSReXXL6saJenJ8JEJRJHKJqKJXdvB:OqXiXz9XXL6saJCJ8JEJRJHKJqKJX/
                                                                                                                                                                                                    MD5:41FB702974E7C30D3BF0168AAE49F8A7
                                                                                                                                                                                                    SHA1:64141B8A065D6907AB9E38C4957449F533F1773A
                                                                                                                                                                                                    SHA-256:6206CDFA28B0B240219B58EEC76CFFBB9C007874E29C2600A0D7AE65EB0F2D07
                                                                                                                                                                                                    SHA-512:0463C882E8EE58DE0ACCF6F085D0FB4DE288F5BEA464464A0CEC3B0423BBB6CC71B90AB71F6CA7768BE0377BD327F0F42A3C5F23564345D9375D919D2FB79E22
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qlabel.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QLabel : public QFrame..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qlayout.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6054
                                                                                                                                                                                                    Entropy (8bit):4.904381651342112
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:MTszYGy6ZGzojAujPW7jhDSETo0AxjPWwjPWONNHP+3LSXK9nJeDoJAxjPWnjV4W:mwlkSje7j5SKsjewjPW0NHP+3LSXKbe+
                                                                                                                                                                                                    MD5:0E50EDB2831C955C57E514AC95AC7C9B
                                                                                                                                                                                                    SHA1:B7138F4ED07ADCA6D7823D4FE441E6802B347706
                                                                                                                                                                                                    SHA-256:701629F0FA49238495B186487D5161C063C0E670FA791DD003A5B527F206C597
                                                                                                                                                                                                    SHA-512:D7417BF913D060687095A00E4837563482FA729B372F036BB22378DBE5003D85621B1056101ACF809423B70ED2676D17350EF2762CD3B3206CAF5D1E1BF963AC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qlayout.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QLayout : public QObjec

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qlayoutitem.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3783
                                                                                                                                                                                                    Entropy (8bit):5.068092726680677
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:BTszpC+Tpu4OuQ8X2XqymSl696Wdw+iNHONXFPzfTO9iNHONXFPzl6Xqyd/:lWTpu4LQ8X2XqymSwoWdw+iNH0XFPzfz
                                                                                                                                                                                                    MD5:C8C0C493E82C334C7F515ECBDF8A6AE2
                                                                                                                                                                                                    SHA1:C9D1B68707BE2C5725C6D7EFC2856D17EF706C32
                                                                                                                                                                                                    SHA-256:57F4F1181FA8ACFEDB11F1676ACB12C3A4BB18200E84852E13A0F9785DDABDA0
                                                                                                                                                                                                    SHA-512:B3DC5842C8E751A0DA22C4C8394CBB7D5866459DBCA8B3FC94C4ECEF81B5277AE76D466AD094EBF56F61BDDB42E25527A595D5EDDEE31358C2589E49B38A4BBC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qlayoutitem.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QLayoutItem /Supert

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qlcdnumber.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2467
                                                                                                                                                                                                    Entropy (8bit):5.017911255385371
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:4098RszhJhUsObMM+Bp4Fi2H/zqkBQQFNdXyfXLM:4TsznObsBafHrqcIfXLM
                                                                                                                                                                                                    MD5:012F91D32310E8B902C6CF87EBEBF62E
                                                                                                                                                                                                    SHA1:60FBE0D8C3C75BA9641C437C41A2FD33623CDE46
                                                                                                                                                                                                    SHA-256:8339488AD61E78B95440106A8F937928666CEE6DBCCC544D3357D9FCFD93A6DC
                                                                                                                                                                                                    SHA-512:3B291AF0AFA41FD13341BA487D4A67D29FCFFF73BF94806A4CD4001B2531B5AE7E0CD1D949F43286629B30FDBEFF65DCF1B85DE871FFA490E9AAC7A1B633168F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qlcdnumber.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QLCDNumber : public

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qlineedit.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5610
                                                                                                                                                                                                    Entropy (8bit):4.9870783496222275
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:sTszppPmMnkJp0dih4NvSu9DvVWK5yew3vxhHRqR6ifD3TGsuA3HXMCEgdOn:G+PmHp0diE5xy53vxhHRqR6ifD3TGsuB
                                                                                                                                                                                                    MD5:468377C7F67620A70B1DD782FDEEB261
                                                                                                                                                                                                    SHA1:3F597A806C1B386488CF9042FEA1C97834D752CA
                                                                                                                                                                                                    SHA-256:CEE481E506E69EE02499347FF00AB84A7703B6C068B180E5FF252D30F186585D
                                                                                                                                                                                                    SHA-512:03861E051E0C29F4980E83D7A2ED93134A445B97854F987ADEA0C521EDD45759A70A46B1F48EB44AA7DE7DAA3E6F9247E00F53C80E596596785365249B1EF5BF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qlineedit.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QLineEdit : public QW

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qlistview.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5190
                                                                                                                                                                                                    Entropy (8bit):4.97987592190548
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:VTszcg7YYs98B5Kukv6wUcUxXLsU/9fD3Tv6X/6zkyDT5xYDPEeDmXZYHhmbn:Jzg8Ys98BcjCwUcUxXLsU/9fD3Tv6X/m
                                                                                                                                                                                                    MD5:20FC1E54D2EB8DBC18110B873B08DD71
                                                                                                                                                                                                    SHA1:A5345272C255B9D45758908EB450F640066F9E44
                                                                                                                                                                                                    SHA-256:D7574BD2D74164AB90F0E07A2927AC17646D4BBCBECA0D226F117CC6B7D2B5B8
                                                                                                                                                                                                    SHA-512:ACC16D9F18CD678B8C63BAFEC9FDBFE0D83CF79BD6DB9155D1E7D951170519EA564F17A77B0FFF0B2608E6AE65E7058F88F91426ED77502173E5126DD28F1323
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qlistview.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QListView : public QA

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qlistwidget.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7463
                                                                                                                                                                                                    Entropy (8bit):4.959172767901056
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:4Xz1+Vs/nwXn+jFQetpQCYWy9MJIrTwOFR7XPltJ4XgxO1Iq9s:6z1+Vs/nwXn+jFQePQCYWy9MJ61FR7XR
                                                                                                                                                                                                    MD5:4EA869ADF3AB20FD6EE1B7AA53A6B2E5
                                                                                                                                                                                                    SHA1:9D8AA8D6C26A28FF1A5A6492C3E8CD5F044F169D
                                                                                                                                                                                                    SHA-256:DD5813178E87ECCD143D48F7A065B1A5629046671DF0E3E8FBD2624D71BE0F5B
                                                                                                                                                                                                    SHA-512:3A12356319CDBB17DB5211115F96ACCAECCBF43835A77852C6231FE54C40D793D906813E17277C4A927B92E87B6DAC4BC7227A189278C1A564A213591569E262
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qlistwidget.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QListWidgetItem /Su

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qmaccocoaviewcontainer.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1467
                                                                                                                                                                                                    Entropy (8bit):5.244121385796388
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:WveT98mXIpmNDzVZRURU2SnOk4W68BenB4e6e7nesGP0e4ek:dT98RszhJh4n8oBTd7eRPTk
                                                                                                                                                                                                    MD5:AA2AD266AD265243A47840CCD6A719D1
                                                                                                                                                                                                    SHA1:101EBEDBB7BAEAA21A07680B86EA4F6C1D36FD8E
                                                                                                                                                                                                    SHA-256:2A52BFFD3BC05147423B6A06B8664A75FD2DB7EE01917B7A6BC0A33F261860EC
                                                                                                                                                                                                    SHA-512:A12083E71DD5975A1DC6213EF55A230FF0EF857A800D000171B37AF057A2A3E4CEB3B5264F2A6E5931DA022A6B092998102C97629D7BF7A515FEC0F14A5726A5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// This is the SIP interface definition for the QMacCocoaViewContainer...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (WS_MACX)..%If (PyQt_MacOSXOnly)....class QMacCocoaViewCo

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qmainwindow.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5039
                                                                                                                                                                                                    Entropy (8bit):5.106239426144485
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:hTszUEpXvUIY/IpA7pACIADA0QAU07/pIXd89U5AuhdXhC1AUAE0kv:FVESIAdACIADAjAU07/pIXdPAZAHk
                                                                                                                                                                                                    MD5:A5C358E46B14FBF22ADF0BC68C823CEB
                                                                                                                                                                                                    SHA1:69757AB466F73F0ACAE76901E7F2903EE11D0C77
                                                                                                                                                                                                    SHA-256:6C99434581179D5EB0E65234DD730F8704904E9871F9F1BAB651CF2C105F7D2D
                                                                                                                                                                                                    SHA-512:25523958C973A1F3D4DFAE5C69A1DD8263415913F3C9093567AA3E7199AE953C406B0CFA8C5A08D14A6AE1DA4E93B161F3B5EA479F3EE4DA81AA3A23066CF67F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmainwindow.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMainWindow : publi

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qmdiarea.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4391
                                                                                                                                                                                                    Entropy (8bit):5.032923237322884
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:FTsz5tO5bJHi5C6IqcQrG/FtCGGmFQj/D/rmrXdIXSI5IeWbIEqIGIa3IXASITLi:5gGJHi5CWWtUZj/D/6rXdIXSI5IeWbIM
                                                                                                                                                                                                    MD5:A8968169899BDD449667D14CA9959787
                                                                                                                                                                                                    SHA1:09332E5BC09E45F2F306FC144A16C78F59BDDC4D
                                                                                                                                                                                                    SHA-256:B864154139A2E451C0AE66FCB46A82BF6FED83B607EA524773165852CBEB0B4E
                                                                                                                                                                                                    SHA-512:AC14537209A97A1EFDD27D6906C33AA003453BA9E53C52347938C22FC148C57D688DCB1B3A84F12A1DA8D09C34E289D615E9F4C0E7B2F08D844E9A2CB61DAAC2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmdiarea.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMdiArea : public QAbs

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qmdisubwindow.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4293
                                                                                                                                                                                                    Entropy (8bit):5.030226949591751
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:ETszHtsidPUxzkorTpsNLA/XSIXdIa3IfILI5IbIEqIGISI5Ie+IxITIbI5IVIH1:eytsidcDT2y/XSIXdIa3IfILI5IbIEqz
                                                                                                                                                                                                    MD5:F9F38A5BDF83826643D1B78A2F4A5472
                                                                                                                                                                                                    SHA1:B3E4A648A6CD5B2D04A9B5A2478079DB6E0B6026
                                                                                                                                                                                                    SHA-256:A2340677393474C3AB92AA4A44720C9B948520631ED735B95D4487F65BBE0D4D
                                                                                                                                                                                                    SHA-512:35DB5A4BA97FF7FB5465323D882705595AFA97C63DE0CBEF72B0FA8A49E308C47219220C1E37111E9291614A8471B67271BEFC1E2885C5AACD82BA7692F36415
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmdisubwindow.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMdiSubWindow : p

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qmenu.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6233
                                                                                                                                                                                                    Entropy (8bit):5.103097233415781
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:XTszqeB0oK00oYkJWm/tJ9pd40i3Qtshvew3G8386IGXiXc8Sqn:D3eB0k0wEE7m0Rtshv53G8386IGXiXLn
                                                                                                                                                                                                    MD5:38BAA30B4D9188B543C2B03C0AE5777F
                                                                                                                                                                                                    SHA1:929FF700034F4046ECD8916E0EC06E61F44D4E9C
                                                                                                                                                                                                    SHA-256:A3CB4C2B262CF1FFA4DC828A259EF6A1FC29C4CA8FA41AB4EA5AF609025AF981
                                                                                                                                                                                                    SHA-512:79ADEAB7C0269C1EC4E9CFA946E2011F6DE3DBA738362BE74DA03BB9148612BE7986C4BF4153678502357A26A1148B6F30FF29CF474D9716E6AB88D13F49A230
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmenu.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMenu : public QWidget..{

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qmenubar.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3633
                                                                                                                                                                                                    Entropy (8bit):5.022395359794059
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:6Tsz3XJ0odEqiMkievStshvew336gIqRHRX0Xip:ssXJ0ZqiMkbStshv5336gIqRHRX0Xip
                                                                                                                                                                                                    MD5:2F161D11A498399A16A3CE3CE6F16387
                                                                                                                                                                                                    SHA1:B2FBA504C333802FAB6A379E8631ED0B59C92041
                                                                                                                                                                                                    SHA-256:C327142483AF09B2E72B540DC74D5ED972A9CD4A5FD3F07CB2BEF5737A60FC8A
                                                                                                                                                                                                    SHA-512:661F80ED1ED2CAA7943CD2B69A320324B260783B77F8C93CF006D254FA3FB60D69F54F133C15DA1DBAC733292E0A408D26C62698326836E7A70019BC87598477
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmenubar.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMenuBar : public QWid

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qmessagebox.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6675
                                                                                                                                                                                                    Entropy (8bit):4.98644192561618
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:qTsz/7AKDxM6I+FGAxXLgKShWJUVusTEonack+0odKyleocp:cHyzNVXLgKShWGusIono+0ryYoy
                                                                                                                                                                                                    MD5:5F333789385C5C3937599445389FBF29
                                                                                                                                                                                                    SHA1:11FDF9093968761F573F2A28D54E9C635308DDFD
                                                                                                                                                                                                    SHA-256:8EB6308370A2F5A6A8AFBEFD6BFB9C30F189E42B0BCBBB45D8C182EC715930B1
                                                                                                                                                                                                    SHA-512:7F3135C3E06BCA91EC65583713A038C708E5AE1CAD0F5DBB02B3D7B8A9876222171502D47C9D7A7C711ED4F5C1F05373A0976C0E9ADA91DF990ED18EC8CBB719
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmessagebox.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMessageBox : publi

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qmouseeventtransition.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1758
                                                                                                                                                                                                    Entropy (8bit):5.108277113565124
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:Y+cR098mXIpmNDzVZRURU2SnOkqrCdqzHwA4FTMuoip5pYMAoKDXlLMj/d6XVnO:Yx098RszhJhfqkASPrB6XlLMj/IXdO
                                                                                                                                                                                                    MD5:59A71E36298AAD9011E76225164130B9
                                                                                                                                                                                                    SHA1:CFC8A4DEA816B0109FDA68D600633ADAA055808C
                                                                                                                                                                                                    SHA-256:448FDB40F491D762F9CB075AB47C5001C71DADBA7317FA0ACAD0377C5AB7CBD1
                                                                                                                                                                                                    SHA-512:4E84C068B42B694A72FD27F3192CAB7F84C9459DAB141D38829AF79FDE55606CC80E8F0E3BCBCC9E4724FBA557AFEA32220CD66053C3C28EE235CFD536CB24EC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qmouseeventtransition.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMouseEve

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qopenglwidget.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2470
                                                                                                                                                                                                    Entropy (8bit):5.189947535904091
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:dx098RszhJhplbqfnak300BHHX+a7twX6vyz9XLDQQbjAD7z1p142:dxTszRwnakjHXo6vyz9XLEUKu2
                                                                                                                                                                                                    MD5:56890E85CB715DAE512F18E9FB5B35B9
                                                                                                                                                                                                    SHA1:574E06F4B0E6A8D722E95CFED08BE80A12B043AA
                                                                                                                                                                                                    SHA-256:E9FE8479D31B5CE458AB8C1A63A3893F0A869BBD472697B585F2D71626DA7B02
                                                                                                                                                                                                    SHA-512:15E0A222DF7C01F24C1210FE415E429153AA6CEB7493F52E905EF0795BB8D8228812753ADC48AF679E2290FE7F2249D5F71438ABC8681EB2C378FFC6AB1C3534
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qopenglwidget.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_4_0 -)..%If (

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qplaintextedit.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7975
                                                                                                                                                                                                    Entropy (8bit):5.047904186245201
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:LPO2NACvm3uDg6b/+eIXL/6Y9zCsUqXy3LD3Tf/HKqKKJ/F0jXmnB76GzzjKWRlL:7O2NAAsuDg8+TXL/6Y9zCsUqXy3L3f/r
                                                                                                                                                                                                    MD5:94EA0A3C9CD0095F9FC1D710C4A5D03A
                                                                                                                                                                                                    SHA1:B4CA23EB77A85D7118E9AAE19D234CB607413D35
                                                                                                                                                                                                    SHA-256:8B779691CBB545129C54549B981720098A713C0848C30F34115F7102CAA73303
                                                                                                                                                                                                    SHA-512:9BFE8EBDC2FAA63105A19725D02DEBC53DF214B78CED4FFECA3AEA0E9F36764E10FEB85F198C1B1DAC568CC0648AE5F91FEFE673757FF9954681CB270DDD8442
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qplaintextedit.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QPlainTextEdit :

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qprogressbar.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2319
                                                                                                                                                                                                    Entropy (8bit):5.029733181671632
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:eb098RszhJhNPeuMmCj/Qe+aPFNdQbSKWm8SrTrBfSQXLM:OTsz/PYkuiAmnhpXLM
                                                                                                                                                                                                    MD5:7EF1060908C3AEC166360356A94C1A6F
                                                                                                                                                                                                    SHA1:700CDBE13B0F3165BD8F437672AD884D15F9952D
                                                                                                                                                                                                    SHA-256:845B20D2F5D1B234643AB59A58615F58D534CA9546E6E2E24F9E375043329791
                                                                                                                                                                                                    SHA-512:554353D5243728228817D45AFB5567C6A7BCA2C224DBDD40A3BE6AEA25FDA43B893DE263F14DC1428DCAC0D1EC639269B6E9577D6B91E80F7B30634EF7EE4A4F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qprogressbar.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QProgressBar : pub

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qprogressdialog.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2995
                                                                                                                                                                                                    Entropy (8bit):5.059583140720725
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:eA098RszhJhND9YMQMQsCj/QFNdZIwMzZsQp5Xzr6wgSsl0F+LRmn:PTsz/0MhvMiwgSsl0odmn
                                                                                                                                                                                                    MD5:3FDE866E64B64F5398BF0564716584CA
                                                                                                                                                                                                    SHA1:1D7F7906B79BC32A55F247B8CD8B987B6AB5CF8C
                                                                                                                                                                                                    SHA-256:F7F4BBB22A403104BEA5AEF930FEF2309C766BB4321B7DB29C2057C7EBCC0DF3
                                                                                                                                                                                                    SHA-512:7172E4D70B1A343215D4DADC4E06CDD7A527B996DD2BE40CD5CB63CA5A4E3DB947EF8943800E4E05AD2477CF07990D6CE03E933A36B04238A50396A13244D1CE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qprogressdialog.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QProgressDialog

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qproxystyle.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4015
                                                                                                                                                                                                    Entropy (8bit):5.002976024334991
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:bNTsz/7c/1sWaIc3KDng24fSPxhHeaHK2x539gPN4AEH5clBauEXXR:bBa21daTonz6IzbBv9gFpEZclBauEXXR
                                                                                                                                                                                                    MD5:F846040B695526C777B6AA99A4C00DEB
                                                                                                                                                                                                    SHA1:3E958B6DFE77313436B8190AD41C389C4670E329
                                                                                                                                                                                                    SHA-256:6E8632F166B8AC5A78E1A9B81C8A6A4020891741CEB44F66F743B698C9A9CDD4
                                                                                                                                                                                                    SHA-512:3F55716C9802C2469533372CA2755AD2338DC6ABC9DF9CD8D52EF2B084924E951F0E31B68999EEEA47E4DBAFBDD63811FD13D244F650051FD51D58D357FEEFAC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qproxystyle.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QProxyStyle : publi

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qpushbutton.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2230
                                                                                                                                                                                                    Entropy (8bit):5.142957942400798
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:y098RszhJhfFZEw6FNdQbTTROoo9FQQX46hHRqNTXMZgEZSn:yTszVbEw6i1ObFbX46hHRq5XMCEkn
                                                                                                                                                                                                    MD5:D106700D011A8E9E8F0E42C43C47CBFC
                                                                                                                                                                                                    SHA1:1B6A961BE4588ED935D7011914A37E27CB913EA8
                                                                                                                                                                                                    SHA-256:AF9A519448857BEAE66ED6B8E73238F5C3A9AB9C4E865E87EE3D2C6160F7ABF8
                                                                                                                                                                                                    SHA-512:D2782B09D6A678C978E60B8AB53F785BA2265617698B854990B31482776D20D95ECC17804C58CD0A0828F4B6D60919B789CAB0BCE75122F3B0486F4954689D2A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qpushbutton.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QPushButton : publi

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qpywidgets_qlist.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3094
                                                                                                                                                                                                    Entropy (8bit):4.934599718494936
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:j98RszhJhmjY+r4yGLGlJBhSDiMUq314MOWQWAn:gszAMwi8/SDiMUql4M5QWAn
                                                                                                                                                                                                    MD5:1CC796A08AFC4D2359E46B60E23FF8E7
                                                                                                                                                                                                    SHA1:0589DBAB12600CFB0CF66A4AD58D27CC9FBC6C5B
                                                                                                                                                                                                    SHA-256:8BEE949FAF4A05CBC47C72CB2D18AC239567431339E6EC71CBBE713C1BB0D06A
                                                                                                                                                                                                    SHA-512:1AAF6EC14F1ACE213C1E35EC5B0E0BE83B140E2F6E61AC37463E708E3969762B402C79D494F1B3A7EC04C4993863463B8EAC1D4E5E353967D6259D4336ABC368
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// This is the SIP interface definition for the QList based mapped types..// specific to the QtWidgets module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%MappedType QList<QWiz

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qradiobutton.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1596
                                                                                                                                                                                                    Entropy (8bit):5.119566909516062
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:i8098RszhJhnsMalFNdQbgrQXM46QXL6F:7Tszdsxlic8XMqXL6F
                                                                                                                                                                                                    MD5:3793B732C1056C045A339E7D4EED4E00
                                                                                                                                                                                                    SHA1:0C605CBA81494430F4C54022DA9311024F3E75FE
                                                                                                                                                                                                    SHA-256:DE2E6F8B808B19895650EE734A028023476D5EB673718AFA920A4FA1F564E213
                                                                                                                                                                                                    SHA-512:AF4675A07822AF36E60E519F43B0DA16B7CF18CCAF8FDF3134198F305FBC51E00476003A6E6FEE46BC27C20024EA5C4D53557B44EA4FA110F4FE847F2E832C02
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qradiobutton.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QRadioButton : pub

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qrubberband.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1847
                                                                                                                                                                                                    Entropy (8bit):5.083788884735032
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:OjcR098mXIpmNDzVZRURU2SnOknJdQB2vZ6JzN6F+Gk5UTlIMfQXL6sY3dr6Ro:V098RszhJhnmQh05UTlIMfQXL6sKgo
                                                                                                                                                                                                    MD5:819B0DA43456E100D452669E6595B857
                                                                                                                                                                                                    SHA1:D4E831122E3F4D4D4A8CA9FDE195F8E20DAEE929
                                                                                                                                                                                                    SHA-256:7C2055C80F2D396FF4839DBED792A771991751CB3EF9D95E34B4E82A22EE1C8A
                                                                                                                                                                                                    SHA-512:E3539F3C70E0E2B4B28B54EDF616BE596EA62AE4908F0F087605B2702B975B9C15CFE816E69B276551F39AA13EBC2102B3BE1B1A6DA91145A39F98BC730A7B50
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qrubberband.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QRubberBand : publi

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qscrollarea.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1976
                                                                                                                                                                                                    Entropy (8bit):5.145245188243519
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:1k098RszhJhfFVNUm/gLa43MFNdQX2a8/XiX0gsZvXDn:qTszrTdiX2LXiX0gsZzn
                                                                                                                                                                                                    MD5:47751DE9A8E4DA8140B0FBA396D8A6D6
                                                                                                                                                                                                    SHA1:61AC9DC635396F6FBCBCB3D0A67BE002F06FBDC4
                                                                                                                                                                                                    SHA-256:C44D2EDE996CD68C9A180BF9FC555AC5F28A9D87ADB0B27A49F59C459BC3365A
                                                                                                                                                                                                    SHA-512:1A2F01E467A6DBCA13E6E22C587E426CF20FB1214EFBC20DB67F2B79533FD5EB118ADC54E900E6886663636C6E2757922764FCE2A9C0EB6DCDB2B839A30C998F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qscrollarea.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QScrollArea : publi

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qscrollbar.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1818
                                                                                                                                                                                                    Entropy (8bit):5.104696150464019
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:1O098RszhJhR+NMFNdQXdY8UQ6ewv38ZORGe21:ETszv8MiXdYY6ewv38uGe21
                                                                                                                                                                                                    MD5:181F61F64335BC16159CF4799D688A6B
                                                                                                                                                                                                    SHA1:42E2EDA65FD7C2066E0EA851F4C6B699E2FFAF63
                                                                                                                                                                                                    SHA-256:9B4530F244F3C4DC62E9E03DA5DE8D872920F36128F1022ED5F9969394B20501
                                                                                                                                                                                                    SHA-512:14A6DC6F93D80EF65DA22B7342CD81045423EC5D4FF97F5D3FE83BA9004BFE613FE31DE53A1D3E0529B4F36963C1F539503BA8DFC5AFF65125BD9430D2D07696
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qscrollbar.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QScrollBar : public

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qscroller.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3025
                                                                                                                                                                                                    Entropy (8bit):4.976270815464152
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:1S098RszhJhbAN0VrnGwXZrHmRXHJhl/MXZYXI3konKhouAE5K+/F+AXsXFmT6h+:QTszlAqawXZ7mRXHJhlOZYi9qPc1mT6Q
                                                                                                                                                                                                    MD5:020D5ACA35879091D513B1534C309E97
                                                                                                                                                                                                    SHA1:288E2EB7B51AAC5D72C2FC14440BC01123B04E5C
                                                                                                                                                                                                    SHA-256:346B6758673D0221BE8E98A97C1AAA545B233A793EBA71DEB265BD9FCCDC0D84
                                                                                                                                                                                                    SHA-512:FECA2886ADC91C60FE3DA735BFF324DC62820DE628E2328406AB166EF7BA1749032FFBCAC254274AA7BE4B0F769EFFB95956D7AE4425C9FA3EA22427284660FE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qscroller.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QScroller : public QO

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qscrollerproperties.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2565
                                                                                                                                                                                                    Entropy (8bit):4.897274909762423
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:1hj098RszhJhwW+JQDjtcYQSoKKxvLtyJQ2lr2rcVrt6kI7:3TszyOcYQEIvLtyJQ2N2rAXg
                                                                                                                                                                                                    MD5:E51E7896B42F98F710084CB157608DDA
                                                                                                                                                                                                    SHA1:D97727924095C0DF401BA91E4E9F1A3727320325
                                                                                                                                                                                                    SHA-256:C52B5BEE21C9544963DCA191116A0D144854C6E2776C989343AF1E559F8D358D
                                                                                                                                                                                                    SHA-512:104D63C3A4488C7E14C129105898A3D5CF27537179B8F3392A784FC25B02785A2A78A51CA8D9CC1506E6D0F57BA72E0639C44C7D9E5679E919CD1E9391584F92
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qscrollerproperties.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QScrollerPr

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qshortcut.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with very long lines (378), with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3639
                                                                                                                                                                                                    Entropy (8bit):4.899761306365121
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:o098RszhJhDAbxm3+6yK2gWbhU5P99Ym569fOyjGe6n1SxgZ/rCXR:oTsz5Aw3+6yBFm5P99j569fljfmbrCXR
                                                                                                                                                                                                    MD5:C6924F511D6062B3377122608DBA62F5
                                                                                                                                                                                                    SHA1:FA127F52B5CEE3C345B6E311D1613C637B3F07DE
                                                                                                                                                                                                    SHA-256:8B5EFDBFD4C1BDCA8BFE221DE28EF9F6EF47FE1E4A6FC2539B0A7F8C5FB17D16
                                                                                                                                                                                                    SHA-512:631669E199B287311EE48C520CBF4C8162BAC900E709298D36BAE651449D900F804AF15308847EBEFBEA20D450386B4E47F290E0362DE47401BFB4457E6FEDC0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qshortcut.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QShortcut : public QO

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qsizegrip.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1692
                                                                                                                                                                                                    Entropy (8bit):5.102849329637682
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:t098RszhJhb2o3fFNdQF6ewTI3X0XiSIa3IfO:tTsz8qfiF6ewTI3X0XiSIa3IfO
                                                                                                                                                                                                    MD5:E0EC210BF4F7F02F0ACB79A182303F23
                                                                                                                                                                                                    SHA1:27BA08CFA414928ED61BBBBE95E3FF49EB70D132
                                                                                                                                                                                                    SHA-256:897FA824FA45014F078C304F8E49A896E5960EBF8E9A2A4E9868083CF4689906
                                                                                                                                                                                                    SHA-512:F639A8DBAC4C154F5623BBFDF1C9F78347DBCBE52E9E5F09821DDA0B3436051CC2BA84098657E93D91FE4CD6FF7277919F24678960BA6D26BF000274AF22B4F5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qsizegrip.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSizeGrip : public QW

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qsizepolicy.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3563
                                                                                                                                                                                                    Entropy (8bit):5.070023186052934
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:L098RszhJhbz/+vaO61SIeM24Lw4A+edJN3U4GNkUtNBBSiN1IAg4w3uYCOnQDFH:LTsz6a11SA24aQrW+YRnQDFYi6E
                                                                                                                                                                                                    MD5:9002349F2C15B7240688F8D2FC07C0BA
                                                                                                                                                                                                    SHA1:0E820C1C8411F86CFA86C370305AED91671D423D
                                                                                                                                                                                                    SHA-256:B153352C412DD7EB84BDFCCFE22878FBD4649D5086E04A2F3F371D8C434D2B72
                                                                                                                                                                                                    SHA-512:DF31E1A36D1D62312FB9DD1A4B7D42E7D9B9B7BF991635B8A50F0B5FA4C1ABDD74FF2AADE5A360A9FABED1FB51760CE40B517257973FF8E6278C065A676DC012
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qsizepolicy.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSizePolicy..{..%Ty

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qslider.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1977
                                                                                                                                                                                                    Entropy (8bit):5.039423585778724
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:x098RszhJhQg2+jFNdQb37QXdY8UQNJenJEJ8j:xTsz92+jiQXdYYNJenJEJ8j
                                                                                                                                                                                                    MD5:84772DB8D24DEEDBA2B9EEA5DF1BBBF1
                                                                                                                                                                                                    SHA1:64269C1761A73A1F293212A9283DE78C72BA7224
                                                                                                                                                                                                    SHA-256:177DD4B68080A8C77BBE96B4FCA6D91A60FF987AAE552509C662954C296C516C
                                                                                                                                                                                                    SHA-512:62204428A42C17644EA5A2C0584759392349D6FCA4D47A78BE047561D1581EEB6DA455F08C046C5182BD4EBD8FA91E8C367AC8D3AF2A874C1FE2AC8921F2A9A5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qslider.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSlider : public QAbstr

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qspinbox.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3701
                                                                                                                                                                                                    Entropy (8bit):5.111701199818089
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:9098RszhJhG3x+CZf3W5rmVxRmrlGRV8QOQqNQXw6QXMsQuk8GQ1YNyU1y/N3xFH:9TszkEmfQY7Rx9DoXblNrZfQnRxLB6n
                                                                                                                                                                                                    MD5:421C2E4B06723FC658727471F4AE0C46
                                                                                                                                                                                                    SHA1:65A160B2975E1CE30584161EBAB3613D71C22DF7
                                                                                                                                                                                                    SHA-256:FF966F245C611C1B02C3F658022D732003D1C94FDA70F02ACC5F96E58A2960DE
                                                                                                                                                                                                    SHA-512:524CFAA8FE776023F1B76E99F07F7F8A2FAC3AF9FB5D5F3B6E54602EB00C2D9749C08AD07B287B671B6848D5733B694F5FA4E2EAFB6BA742228AD3F51BA42A2B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qspinbox.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSpinBox : public QAbs

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qsplashscreen.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2034
                                                                                                                                                                                                    Entropy (8bit):5.205072639973588
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:j098RszhJh8Wl5rd5rEjL5rTbN585zOQu6aeoZ6XLem:jTszWErULZZynraRZ6XLem
                                                                                                                                                                                                    MD5:028F320B6C3DF75BEB49940F76AF8667
                                                                                                                                                                                                    SHA1:792E054D4EEE9D9C1664305527B8DCCD827A19AB
                                                                                                                                                                                                    SHA-256:3119DDABA2EF5B104209FC795732ED4059D1765AA6357CF1037DFBDFB5297C75
                                                                                                                                                                                                    SHA-512:190DDDF1BD9AF0ED6BF79521FE05F9AF5BFD780AAFEF0CD99E9564404E5866DB631DFF377EFD2CBC30CB97CC66A92686C45FD5F0466C963DA50E2E14E885465D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qsplashscreen.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSplashScreen : p

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qsplitter.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3565
                                                                                                                                                                                                    Entropy (8bit):4.982582295780845
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:rTszToRMihaKDHC6uqLKBe5XigXDniC3eAa63ewvXE2:XioRMih/DHfuqL0e5XigzniC3Ja635vT
                                                                                                                                                                                                    MD5:85205B912D76246F59D0B986DB0DEB7A
                                                                                                                                                                                                    SHA1:F739B9FD2BA1818E35789CD734B3DDB2F8ABEF39
                                                                                                                                                                                                    SHA-256:B71FDB3902DBCD88EC4B1CC74DDE94EDCE3DA11999943A159134F623E6BAEF27
                                                                                                                                                                                                    SHA-512:9850E5725B37C61EEED6DB479099D43483C982A11C53494FC6B3817B8259D2E5AEBE6BC54E887567223B38777C26A2F4F82178E56C36C1763199C108B72D49E8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qsplitter.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSplitter : public QF

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qstackedlayout.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3802
                                                                                                                                                                                                    Entropy (8bit):4.9192735889039065
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:DTszmc0eKGoZAxjPWwjGzob9AxKPWi3K/Tl6U/iNZy8/nUtXqA:PBE9PjewjGzO+Kei3KLwU/iNZy8/GXqA
                                                                                                                                                                                                    MD5:42AB6F7294103759F0EE19119F94F548
                                                                                                                                                                                                    SHA1:67C2C51CE3716BD699C155416FE6D12438A06008
                                                                                                                                                                                                    SHA-256:44DBF0C8CF2132EB9D8F73ACB35408701DB705308E52678BCB889B15324D97F1
                                                                                                                                                                                                    SHA-512:45553F16FBE5BC33412F2B96C800384A473188186B3339EE2332F0EFB49BB8966B21217AAE04E2AA446377248E5F88A31EBFCB96EB2FC6E841A5CFB702A86265
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qstackedlayout.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QStackedLayout :

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qstackedwidget.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1714
                                                                                                                                                                                                    Entropy (8bit):5.089220862634824
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:eI+cR098mXIpmNDzVZRURU2SnOkuL8qepLWX2kbwXfMLe4GUlXR:bx098RszhJhxqeEX2kbwXCtlXR
                                                                                                                                                                                                    MD5:8071E91D76950C42DE5DEF90FCC7E5C4
                                                                                                                                                                                                    SHA1:1211CBBABBE374602AE320068D55D8EE85C58EDF
                                                                                                                                                                                                    SHA-256:394080B5375A516B4B13012910B8EE756295229D1DBF99323E10372151E26A64
                                                                                                                                                                                                    SHA-512:46B64C76F4E7353485B2D1291835FEB9CC46982216755609607D6215D1D6D4322E93EB2541E79785B19A1C7983A783687B28B887BBCD6D636103E969C183864A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qstackedwidget.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QStackedWidget :

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qstatusbar.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2018
                                                                                                                                                                                                    Entropy (8bit):5.078830512362248
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:eRcR098mXIpmNDzVZRURU2SnOk7QB25ANgJJJ6ZrLnMaUgQ56r6xKQXiY3P:z098RszhJhqmANgJJJ6ZrLn3/E6KRXi8
                                                                                                                                                                                                    MD5:1C486BCE60A97A6FF5416F17724F69D1
                                                                                                                                                                                                    SHA1:E263F3429E02661869D0701D9D6BA21BE76641B6
                                                                                                                                                                                                    SHA-256:F77AAC08A480A0E60D728B8FEBA33C54568BD49372A3B0364E6E500890BD5D18
                                                                                                                                                                                                    SHA-512:A5B89A5BABA6CD5EB0D22FDBBD07CC3C6A09D55A5DB5D459FB367A6D6977B8EE38E8B7037BA304A20120F51923632D70EF6087C3B6FEC87192E98D75A891D7B5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qstatusbar.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QStatusBar : public

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qstyle.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):24194
                                                                                                                                                                                                    Entropy (8bit):4.849125659459863
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:LTBoRGXbBlnzcj3hO2s8x+2hj21QRPZVd9RH/i2V2q2c38sxO27pon63IQ+2+yiD:iRH/i2338sxBqn63Ir
                                                                                                                                                                                                    MD5:14AB1BBD933A2EFDF2F718355564113E
                                                                                                                                                                                                    SHA1:A79FC90FEF4D229271A884F4935016AB4B28CDAC
                                                                                                                                                                                                    SHA-256:4E9DA5CAC70635835C1C7201C1EA8BD40888B8B4FB87EF400BC5B417A321A817
                                                                                                                                                                                                    SHA-512:ED07400202FC692B06D3FA29AE5DF8E1F34BA00F97B23B6E3C51D3CC51EA6AC8C025716D9F8BC1AE6879729535EDDFBA50BF136AAAAC55D0BF49DBA596FE11A3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qstyle.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QStyle : public QObject.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qstyleditemdelegate.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2479
                                                                                                                                                                                                    Entropy (8bit):5.080306456280007
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:Gc098RszhJhEMZjNOQFNnQ+xQfQDjFdgIWKYhoAjQXSIXb:GcTszfN9Y+WYDvrAkXSIXb
                                                                                                                                                                                                    MD5:2EE5034378B87DF8677E247D16660A2E
                                                                                                                                                                                                    SHA1:3326F2103EE3088FEC5AE1A6E5181D9973ED4020
                                                                                                                                                                                                    SHA-256:839C598EA715FA3DAC0E6C03390F5EF4EABCB27F2C6F1159FF99D29C0DE7C88A
                                                                                                                                                                                                    SHA-512:331FF75BC2E55A4153735D3603BE5F32A4079A597C2FEC283B559FB643F946784309516DACEDFBD48995B7FD27372578C4BBFEE7FC7959F4CDAA2381182B6FD7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qstyleditemdelegate.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QStyledItem

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qstylefactory.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1154
                                                                                                                                                                                                    Entropy (8bit):5.125453894325304
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12:jy1XD9wF7R0dJxnOILsBIYFCIX54B++NDK2OsjbojvEZRURuHahLs2aRHAUDOkkU:GRcR098mXIpmNDzVZRURU2SnOkJx7
                                                                                                                                                                                                    MD5:B2C0BD313CFE11114805DA93C5BCC197
                                                                                                                                                                                                    SHA1:A09F60EAB0B8CAFD4B6F927DBA552C166CC41132
                                                                                                                                                                                                    SHA-256:21E7093DF9A5ED7BA3BDCAC8F02D14CDD33A2B8F7984F78727202BBE14E1200A
                                                                                                                                                                                                    SHA-512:D98189A7E05435EB30C64C9D099E7277EAC9A59A63E4B0B1B0EAD082BA931309273BC4E8663240DC6FC6A908A77B1998615CA8601CF84CED96038660919F13BC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qstylefactory.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QStyleFactory..{.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qstyleoption.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):22037
                                                                                                                                                                                                    Entropy (8bit):4.796297190946429
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:CGDieW7wqfiP/3j7SaX1sJkUhiHyNbuZR5AFUy1:CGDieW7wqfiP/3j7SaX1sJk7yNbuZsG+
                                                                                                                                                                                                    MD5:9706D651FEDCDC9384F00DC896EA66DC
                                                                                                                                                                                                    SHA1:721D4AE460F95623A547CE4F7D87D705885EC18F
                                                                                                                                                                                                    SHA-256:162F5F679D86F2AA492149373F1C2F59CC2BA798509EDB34C19CEC3F28575E76
                                                                                                                                                                                                    SHA-512:3002F72E2893B5AA7B27A0D9DAB754CE62A39A039A7C575F5D8A6A30009AD1094AF3547A4C6C7E24833BFA8D8A34E7F00260CBA88E6E5490067219C3313B3565
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qstyleoption.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QStyleOption..{..%

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qstylepainter.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1780
                                                                                                                                                                                                    Entropy (8bit):5.12804059499415
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:G6cR098mXIpmNDzVZRURU2SnOkDG/rf3DdQdEcEMNKRSGdxc3KCaH59:G1098RszhJhC/rf3xkEcEQIxc3KCaH59
                                                                                                                                                                                                    MD5:BBD2D9C026DEDEF51D9CC20E736C2AF8
                                                                                                                                                                                                    SHA1:165CAE2A0F393873F4CC4BE999B3EFB262BDFBB5
                                                                                                                                                                                                    SHA-256:FC16B5CBCA18097310ED24393DF2241FF5CB31FA0602624735F6AE21586E5728
                                                                                                                                                                                                    SHA-512:6820A3C35E9918C21AC35AA90EE9C1825C7EE5CF386C54D61402895EA4B05EE45CB1FF72E2AACBEF61192D8AA0F14F19A7DFE52F5D754D197C7AA1BF4EFFB360
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qstylepainter.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QStylePainter : p

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qsystemtrayicon.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2426
                                                                                                                                                                                                    Entropy (8bit):5.0553030337976
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:e098RszhJhZArYQdHQnoOfDQzSW5fHIO7PXdO:eTszPAEQdHQn5WfPXdO
                                                                                                                                                                                                    MD5:52AA2A6FBBE7C0B5F12B58C121D856FA
                                                                                                                                                                                                    SHA1:28A68FB77956FC663C046BBC62F4269B47BF9041
                                                                                                                                                                                                    SHA-256:6B02CF1E823F595647C2C79E64A52C3C96F58C13D037AFC90291D480DA84071E
                                                                                                                                                                                                    SHA-512:5AFB4948BBCACC10E56423AA64B6757B6C77B018370AB2FD850F9F27E0C9B1F9703407D898EDEC0CEB8ECCAF6FABE21738D882BC8C7CD820E79F7C09993F043E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qsystemtrayicon.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSystemTrayIcon

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qtabbar.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5623
                                                                                                                                                                                                    Entropy (8bit):4.984370623692035
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:CTszRX+aSgPHgBi6zSXCoFLRcXigK6ew3vhiW6LLWOZ8xIy+xUzn:UgX+uABiaSXCoFLRcXigK653vhiW6BZ0
                                                                                                                                                                                                    MD5:6433E791BDB2AB76C10EB45715598842
                                                                                                                                                                                                    SHA1:E9596B7DB630F3CF63408F1C678F553D4DFF3C1B
                                                                                                                                                                                                    SHA-256:A0A7BAA9A6B3AFE6040425C425729916EBEF7DC277F601C3627A9DB4B24FB3E6
                                                                                                                                                                                                    SHA-512:FE7CCF1ECF8EBA1A4281770D4025F9FD7CA1C872A60DD15E52C7D306D8FDDFEA14084DFB9EC80DBBA86657509F44D89D1B0D0DD65AF4AF7C6D539B1E4C74D4D3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qtabbar.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QTabBar : public QWidge

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qtableview.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4963
                                                                                                                                                                                                    Entropy (8bit):4.917418544877081
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:JTsz8raaX0w5ra8B5KuoeQ1cU6zxIkyZxYDPEeDmb5tuDuXZ8KX8/6Mhm4:Nzraakw5e8BcR32U6zxIkyZxYjEeCb5E
                                                                                                                                                                                                    MD5:0AADE494F07C335EF3C1A4A265A0C11E
                                                                                                                                                                                                    SHA1:7E31D47635E6B2451387FF04B260F79B8B1409D1
                                                                                                                                                                                                    SHA-256:E3A61B6CC73EBFAA9BB2CF2DDBB2AAD9C79D00F3D83506BC4905E0110DF8769A
                                                                                                                                                                                                    SHA-512:20A460A39C81B754F7107248FECBB05A77F53C1F0D4C0F5C8F1ED3FA09800EE420A009CD2BEDBFF4C39EA18BD1A1A757690B721151099AF7FCA3E774EDFC5FC1
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qtableview.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QTableView : public

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qtablewidget.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9303
                                                                                                                                                                                                    Entropy (8bit):4.952257065519281
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:McTh+Vd/nwXh+jFQX/FY0Q3gI0xcxA1uc9uGIFRpXQltJCXLxHs:LTh+Vd/nwXh+jFQXdY0Q3gI0m+9sFRpG
                                                                                                                                                                                                    MD5:503FCB09A1114F49AD1BDED6D9E13B7C
                                                                                                                                                                                                    SHA1:7CB4DDAAD1EA97B7E204C7599F9775BFFBD93B9B
                                                                                                                                                                                                    SHA-256:72998A0153049C47E80676C14E829551482E7AD1B49CB210F23184832C6FAD7A
                                                                                                                                                                                                    SHA-512:A077542AFE7FBDC91B36D7A695700BD954076DBCA734BAA0945A4A968261A67C7778CD2AAB46C45B44AD4495E57E6C0A9A6D52AC31D464D1E8A278BE07A2CC82
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qtablewidget.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QTableWidgetSelect

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qtabwidget.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4511
                                                                                                                                                                                                    Entropy (8bit):5.008537269210936
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:pxTszcwwuTggxwpmhdXmick+HFLRXiKgh9+WW6ijGXmdn:T7VVviJ+HFLRXiKgh9+WW68GXmdn
                                                                                                                                                                                                    MD5:CFB26CABEE0B9C96F04F4045B1D6E776
                                                                                                                                                                                                    SHA1:A9CA1501D12121231B34CACBEBD0CB167614618A
                                                                                                                                                                                                    SHA-256:16F9C75701DFE34017C3FE60B0C06743C5CD0EAFD7701DD9A68F649139A82C6B
                                                                                                                                                                                                    SHA-512:449BDF053AFCFB22A0FE67D625442DFFA6FEA43042421B84B98A4AAA9CC3B2E2A6725E744A120A5CFEDD51BE3401960EC09D93309C32002FC49837AF3EB2E213
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qtabwidget.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QTabWidget : public

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qtextbrowser.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2967
                                                                                                                                                                                                    Entropy (8bit):5.1060502493810205
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:vx098RszhJhRFqqzZJ2hhC6uDQMJWJULsv4UlXLaJ8JenJEJqKJXys202rSqLRA4:vxTsz/5lchDuDQGAUS4UlXLaJ8JenJE8
                                                                                                                                                                                                    MD5:249E2E6817C69813F5931DC308DC78CB
                                                                                                                                                                                                    SHA1:C6773A6D88C953298F683E75D083360C6D8604C0
                                                                                                                                                                                                    SHA-256:F92DB8E3F62310FDBDFFC852F16EA7A0BD2B1593693A9A517BEA3FD47C0695F5
                                                                                                                                                                                                    SHA-512:CF733ECC239E6BF9C27F4276795757EA9499191403908669FB2B156568B96A0A0E1C947796335E9C3A45D074713005F8EB21A14C238DB58AC5F090F3D11D93E4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qtextbrowser.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QTextBrowser : pub

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qtextedit.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):8210
                                                                                                                                                                                                    Entropy (8bit):5.023320371911588
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:nofThAK2Nl2/RklmyD26bh6AXL/6YgzCsUqXy3LD3Tf/HKqKKJ/jXmnF0nCCvD4n:ofThAK2Nl2qlbD2G6AXL/6YgzCsUqXym
                                                                                                                                                                                                    MD5:E50FF618EB60F14E4BDA9D35E1743846
                                                                                                                                                                                                    SHA1:9B977D46D711D61307402EBB00C973610F704EC3
                                                                                                                                                                                                    SHA-256:17ED82E34C509CAAEC192B7CFC3B29B4B40A36A577EFF635C958BBCC91622F77
                                                                                                                                                                                                    SHA-512:EDEDA238E04F52538C7278720F700449E832A3C8B47FEB1238A5B37E82E3AA82879A6C5B0319362BE71FDE53A96540E1196883A7A0FD2DA5DD97C02C086DC790
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qtextedit.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QTextEdit : public QA

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qtoolbar.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4349
                                                                                                                                                                                                    Entropy (8bit):5.008217269924836
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:7TszYsdsu80odb0oYuCs7F1j0LI/IlIXdit:nLsdA0y0UC6P0LI/IlIXdit
                                                                                                                                                                                                    MD5:ECC0B13B724AABB2DFE8A8E3A60A8E6A
                                                                                                                                                                                                    SHA1:FB5F57FB466EE0740E73748E6387097F798BCA49
                                                                                                                                                                                                    SHA-256:F0C4B1E5A05859DFE3D4B0E63B3A71E2C018FC6997B6F44AA7C04351085A1AC0
                                                                                                                                                                                                    SHA-512:D11EA0C71F5C6ABA50F262DD8AA5C42BF46D4F274BBC8F00AD52374D7352C8D9916A4CA7B07645970513C7A39D3EC8A6B77ACD403C365AA61C778432A57170EB
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qtoolbar.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QToolBar : public QWid

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qtoolbox.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2486
                                                                                                                                                                                                    Entropy (8bit):5.002889541621707
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:X098RszhJhi3xbEZGWrWbUkT8CCzfFRXLja:XTszW6VDOCzFRXLja
                                                                                                                                                                                                    MD5:08F2664F9BDCE04F049CA9EE408BE4F4
                                                                                                                                                                                                    SHA1:061571E165F312882219060BB668908877845519
                                                                                                                                                                                                    SHA-256:8317F80E2B09625F3C59BB3C202E5389AAD2A55A0D5A139EB4F6683FBC04F710
                                                                                                                                                                                                    SHA-512:E9FCCF51C642D2DA643F97B4711222FE41F0D9A677465595B7730C4493CA3A859CF0953F1AB0A3AB3F41C20551BA091A0CCADE0ACB1DEC95A8E1D6BB188EDC8B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qtoolbox.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QToolBox : public QFra

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qtoolbutton.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2567
                                                                                                                                                                                                    Entropy (8bit):5.015094431426271
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:Y098RszhJhR3kdigFNdQbIlyTOoGgr00b9S46QXLew6I83GsvbXMZG:YTszrmigiTObgfRhXLew6I83GsvbXM4
                                                                                                                                                                                                    MD5:9700FD6325243D480393835E06774CEA
                                                                                                                                                                                                    SHA1:70A4D631F457D70428A8430E472FDE32E350E549
                                                                                                                                                                                                    SHA-256:E68BA96B2D8388A495930CA1A6B4971548B35AE7AFDAF7FDF2E4F70580B26ED7
                                                                                                                                                                                                    SHA-512:632B77C5E004900D109368E8A6E491201A0E810836B0BDA8BB4604D4EDDEC36A17C662B131212CAB0932B820188EDF7A1ABE6CA278DEFE0B60DE511BF2BF36B0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qtoolbutton.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QToolButton : publi

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qtooltip.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1630
                                                                                                                                                                                                    Entropy (8bit):5.093744486166698
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:UcR098mXIpmNDzVZRURU2SnOkRLBEihsPhse/Chse5OF83e7:b098RszhJhRV5aB/iB5C83m
                                                                                                                                                                                                    MD5:1603F433195DD12ED41ACBEA2C133AD7
                                                                                                                                                                                                    SHA1:019A0D2897876A85015D370C2AC068B5C24577C7
                                                                                                                                                                                                    SHA-256:FD0F575E34E1F05B51BB6D2802AE1DCB86D91A9517EA04A29AA05BEFCC2A147C
                                                                                                                                                                                                    SHA-512:98A6C175E1A83DFCBB8A2E56B2A121592ADCE6D8E7BF3876BD679C7D2F5F07C50135186F0FA45B7CF69DADF8E504861692EDE57CFACCCDE7E79FEB92395A75A2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qtooltip.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QToolTip..{..%TypeHead

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qtreeview.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6715
                                                                                                                                                                                                    Entropy (8bit):4.937251244322979
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:pV3aaouz8BcnqeYUUxZkyxYjEezxIkI8BCcIqGICh6XbzU8qARIXXNQiJn:P3aalz8BcnqeYUUxZkyxYjEezxIkI8BW
                                                                                                                                                                                                    MD5:D49DE8313D81AE39CBF8900E7914C2DE
                                                                                                                                                                                                    SHA1:292F38D69B3182D3DC6226457FF308751B48CC75
                                                                                                                                                                                                    SHA-256:A370CECD0778C1A69BBC1D16C620BEF65E87C7D27FAEE5061F7DFC345F939ABE
                                                                                                                                                                                                    SHA-512:4AF7FCADA4A7191E20D344B3A2BF203E85E577772009D154075A236D6CF4F36816CCC776B8C8AA8E7A5ADE18291385199B2157ABD506F0E84233EFDD5AAC7630
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qtreeview.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QTreeView : public QA

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qtreewidget.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):10494
                                                                                                                                                                                                    Entropy (8bit):4.905692822079317
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:YbO3iVCTd8n9XL+jF3+6y71F6CQ+YaRd0yHkDFR3XBltJNXLx6CGXss:ePVCTd8n9XL+jF3+fQ+YaR6g4FR3XBlu
                                                                                                                                                                                                    MD5:EC5A231E882BFAF74576ED74E9D81815
                                                                                                                                                                                                    SHA1:396E5513BA7AB2DD2459F6769E382165B75CA10A
                                                                                                                                                                                                    SHA-256:1707BB910F5546488F55296E290DD7D56FC558FD4459D875ECDD173BB4643F47
                                                                                                                                                                                                    SHA-512:183E5D32D7C40E22002994B0037C25A2E0975F9E098FBDDEBE06863B0A4824B8C8D79010A37F85FB693945B81388F8DF40A8CD11F07E4F82509A4A4FA5157BAA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qtreewidget.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QTreeWidgetItem /Su

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qtreewidgetitemiterator.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2362
                                                                                                                                                                                                    Entropy (8bit):4.9522201155263925
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:DmcR098mXIpmNDzVZRURU2SnOk2lNIK8LB2i5WTk+QOOWFtnNq/NlpsNMNSKNENr:t098RszhJhfL1v1gFnCubMNaB
                                                                                                                                                                                                    MD5:47C534E1B1325FF8342D028231186041
                                                                                                                                                                                                    SHA1:6EF4ABBD0A36612A5CB1E991A0AA41A1057131D1
                                                                                                                                                                                                    SHA-256:0B7E42D9A82C7AB076E0DD90DA93D2C4B79E484509E18B98D833A9095198859F
                                                                                                                                                                                                    SHA-512:DE01336301AE2D2CF883C5C67D567C3225C58A3C4A60F664D9C389EFEBE36E105A09D607AF24C9D59D1713A9054E65AA2C5F17271A24425B2DE31709FAB67D4B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qtreewidgetitemiterator.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QTreeWi

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qundogroup.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2110
                                                                                                                                                                                                    Entropy (8bit):5.105661161965456
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:CcR098mXIpmNDzVZRURU2SnOkMA2PJD6pjMygvpZEBZUWOu2use:t098RszhJhMAoJDmjMygvpZEBZUWzB
                                                                                                                                                                                                    MD5:5919CE37CCC0087625B1CF1AC4D9DB70
                                                                                                                                                                                                    SHA1:79EB137B5287B3B117AB6C3DA8700A592495789E
                                                                                                                                                                                                    SHA-256:470999886F78E7D1E05D95B09C3485627E4053CAA58F9F7F1CBF5626D9839C94
                                                                                                                                                                                                    SHA-512:B5A37ECA8D6A29237E8EE2E36EB128DA4EC9FBDDAA9C28CED51C94F236AE7C8AEC79E9E8795A0C7B2DD5C0A05435A6C9F68929CE9AFD47C7DD22507B494D1280
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qundogroup.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QUndoGroup : public

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qundostack.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3176
                                                                                                                                                                                                    Entropy (8bit):5.050235558839131
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:k098RszhJhnDkZpQXTf6+gQqXZlgSt61GqApChpZEBZURZeQCPW9xbHaFMUuG:kTszpYZeXD6+Loll0AU12apCy6Fd
                                                                                                                                                                                                    MD5:4CEEA5C6A85B1FAC0142DD5446F4DD72
                                                                                                                                                                                                    SHA1:4E803CA345701848B00268A6992647BE214B2565
                                                                                                                                                                                                    SHA-256:6C2C2BA35ABD68FDC113E7FC4006F0F365983B52BA9F10A96BCAF649855C94AC
                                                                                                                                                                                                    SHA-512:E53EEEB042E16F909AE92EC856BBF53FDB1B7D7683ABA224688247520508C664CCF1A660CD5C036636A6E3DC5DAA54CC9348EFBEA6F5C821B7A6BB029E003316
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qundostack.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QUndoCommand /Supert

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qundoview.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1648
                                                                                                                                                                                                    Entropy (8bit):5.165328171233549
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:+zcR098mXIpmNDzVZRURU2SnOkiJJhJM3cGZU0dEUDv+i:+E098RszhJhiJhJM3cqU5sb
                                                                                                                                                                                                    MD5:CF5B266C3DFD38B0BF7B706E22AB077C
                                                                                                                                                                                                    SHA1:79DB36037B6F848616F0C62D1F3A35CE63B9EF75
                                                                                                                                                                                                    SHA-256:41BA04FA209146EC409AE1A6092555CF28BC428499CBC55A6814437703DEF6ED
                                                                                                                                                                                                    SHA-512:2E1403D0AE3067688B46483A4F3654B226123100AC40A39555472EC7F3AF0B3083B73D8FC1D5061F376B603604073D81E889A83D98F7DCB0587E3A55E3BB962C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qundoview.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QUndoView : public QL

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qwhatsthis.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1391
                                                                                                                                                                                                    Entropy (8bit):5.120088534201757
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:EcR098mXIpmNDzVZRURU2SnOkB9HgJfnhs/6RFz:r098RszhJh3HgJp+6Fz
                                                                                                                                                                                                    MD5:78A24A7E9A257C1E8BB6B1CFCFA75930
                                                                                                                                                                                                    SHA1:FF7C99CDD117B1344EB3FE5D17E9714C1E84A655
                                                                                                                                                                                                    SHA-256:0CA27392A0BA508052A57549A8772C38F910376058AA64689A7C61F13302FC67
                                                                                                                                                                                                    SHA-512:9F9791CF06C1BEA6AA32F6432658F56D0FC2EB40A887518760F3B09D83C965BB5AB7220089A7589E0D2ECFFDEDA65C3A00464079992CF7D55533C189238251F4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qwhatsthis.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QWhatsThis..{..%Type

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qwidget.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):15876
                                                                                                                                                                                                    Entropy (8bit):4.958158754930317
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:wm2wqIjoiFpEmXi5vx3GhDxM836+gSuIIimuGK8seFyTXGoyX1oPXLOG:VqI3dz21ofV
                                                                                                                                                                                                    MD5:EB4D4F14B49CCCA87DCD682C86BAEC7C
                                                                                                                                                                                                    SHA1:79B0CB554FA61D8EC399B6F9D9796BAEECF13C18
                                                                                                                                                                                                    SHA-256:DA270E05FE15C7F17AEAB5747B691D342339CDB686CD1A719F9C0E60F8A68096
                                                                                                                                                                                                    SHA-512:E4FB11D07D0BE3A2B2ED644F7B287A9741FA02B486D860B281B1EC8228A2D673682538886E262A4BBAEC246C3EDC957F4DB9949B30E7A44C6B85938A1708B04C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qwidget.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......const int QWIDGETSIZE_MAX;...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qwidgetaction.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1601
                                                                                                                                                                                                    Entropy (8bit):5.102816061330261
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:Ix098RszhJhvco6bqpkeFpOHTXiX0lpciG:kTszhJwNePQTXiX0lpcT
                                                                                                                                                                                                    MD5:A02000062963ED57E8B25447B305E0AA
                                                                                                                                                                                                    SHA1:DB77E25D3B63D30F0F2D90FC7445B7AB4DC03D1E
                                                                                                                                                                                                    SHA-256:66F0EC13E04642E98612856885DF6F03DFE68A351DB70D327010EDCAA7B9CFD2
                                                                                                                                                                                                    SHA-512:9FC9C08826FF54288242458425F48E6A76B94E27745170A080F6197FC8264040065BE77F69AD3026D5B85F39286BD2BC24FE9EDF9441A11A5EEC40F0227AE607
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qwidgetaction.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QWidgetAction : p

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWidgets\qwizard.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7998
                                                                                                                                                                                                    Entropy (8bit):4.993291380188291
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:jwpdrMRNGVX7rlclJePJXdITIlIxgyilO13c8aiqXIXVLrOu9w0:NGVX78sPJXdITIlIxgbliqXIXVHt
                                                                                                                                                                                                    MD5:EED5D80C5DA9FE5059354E99A3321808
                                                                                                                                                                                                    SHA1:D7EBD9AD36E926DCE0CDB74ABF5BB4A5E4C531DD
                                                                                                                                                                                                    SHA-256:A80E01CAF8EB3F696710D0C5B85B8F616CFC0392CF76FC1EC45A4F7789602B98
                                                                                                                                                                                                    SHA-512:1F2C42E4FC435FC898C78AAD6C0218B73E4CAD87760C7D39AF67093171BA0D203436A0630CD5C0AAD92645155C5652F7C3C76E77623C39EBABD087A438564427
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qwizard.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QWizard : public QDialo

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWinExtras\QtWinExtras.toml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):186
                                                                                                                                                                                                    Entropy (8bit):5.1082523156733695
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:SZ3GMiyT8QQCQIMQDKN2KgdCMo9MKxwehyIWWMKxtHO+Cm4o6Mvk/dkC1WiE4yn:SZDim82QIRG2KggMsNthyIXo+Cm4o6Tg
                                                                                                                                                                                                    MD5:CF052AA91B8EAF73D040091CF6A2BDFE
                                                                                                                                                                                                    SHA1:945B67D699B934A37036F815F240DB5AE9C42C12
                                                                                                                                                                                                    SHA-256:AD622D2EC312ABA98C7BEB397AB399E0C3CA9F6C886A74F4C61FC0C8BD510635
                                                                                                                                                                                                    SHA-512:7B98AB6D1BDE957DB5AB8729325590BA88CCE8E7E3886B9FBB4D38FD6C304CBB7A2DA02FF6B4B68F3B92F509DBC02115B0CA5D223F9D220E1AD6EF647B88B1D4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:# Automatically generated configuration for PyQt5.QtWinExtras.....sip-version = "6.8.6"..sip-abi-version = "12.15"..module-tags = ["Qt_5_15_2", "WS_WIN"]..module-disabled-features = []..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWinExtras\QtWinExtrasmod.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2198
                                                                                                                                                                                                    Entropy (8bit):5.16835167854766
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:WAC6G98mXIpmNDzVZRURU2SnOkigqPlSI986wiND/fZR02ASBOk/KViQMzM5:C98RszhJhsPJ98tAzhAS//Oazw
                                                                                                                                                                                                    MD5:05F263D5CBBF44FA85A736CA1629A1E7
                                                                                                                                                                                                    SHA1:AA6FB8B6210608997AD3BDDC0B9B19D022F0BDD6
                                                                                                                                                                                                    SHA-256:06ED648A2709C838C836D19FA9E8B8DD3CA537FE98FDE2314C3DC03650BDA985
                                                                                                                                                                                                    SHA-512:3DBF5F9C61343473C0C9D9CE4924ABDDB82DBBB5AF101B1F8935BDBA9B674834764B8A22050B05C7331C460E6259453A3083C7B3D8A4AFA2F14DA73289FED8F6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// This is the SIP interface definition for the QtWinExtras module of PyQt v5...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%Module(name=PyQt5.QtWinExtras, keyword_arguments="Opt

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWinExtras\qwinfunctions.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4424
                                                                                                                                                                                                    Entropy (8bit):5.120438876934425
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:rszPxOK5ocg/GUahfMQsrQASZWtAQ9znVznQFnQfkEL/f4qa3qO2qyyQDq9ztjz1:r28AQAJRW9zVzQFQfP4qa3qO2qyyGq9/
                                                                                                                                                                                                    MD5:738088FEEDD902E8928B9949008FF835
                                                                                                                                                                                                    SHA1:5FAEC09F0206433023C1CF63BCCFDF3215EB16DB
                                                                                                                                                                                                    SHA-256:7BB8615A25037A6AFD6A7A3345C2057CCCEA2535267CDA8D7C77C2A4FC0552CF
                                                                                                                                                                                                    SHA-512:DF5D91478240FF1412B1FA9C8781ED9D659EB05F9049310CF384A9BFC6F430D5F291EBF399D293CC12861D348C97A3D3E5D016F3078E0E2516913F41FC800DF3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// This is the SIP interface definition for QtWin...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_2_0 -)....typedef struct HBITMAP__ *HBITMAP;..typedef struct HDC__ *HDC;

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWinExtras\qwinjumplist.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2492
                                                                                                                                                                                                    Entropy (8bit):5.241610947815705
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:M98RszhJhpeBAVyWQpwshWKcgouDRWRKmMGUH82Kw:bsz6BACwshWKPsqKw
                                                                                                                                                                                                    MD5:75AE8EDEFBAD96B050A7FEC06A0F60F8
                                                                                                                                                                                                    SHA1:38BCB55C6269A36B5ED7CBE463AD0A93E58F39CC
                                                                                                                                                                                                    SHA-256:062B7E2B4D5A3D2A40E38196C39FFEC518C114FEF82818E8D0129C22BBBA6552
                                                                                                                                                                                                    SHA-512:832F8A62CC5D87F6DADBAC9EC7D80A3A67461EF13C2724DEE89B08E06DD77071A899F742149D5248027DEB5A3497DFEDD0EFB250B429D4CF72620EE98382FAA1
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// This is the SIP interface definition for QWinJumpList...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_2_0 -)....class QWinJumpList : public QObject..{..%TypeHeaderCode

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWinExtras\qwinjumplistcategory.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2135
                                                                                                                                                                                                    Entropy (8bit):5.0646462841603475
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:VS98RszhJhpeMfjtpcjWKjn+Odwp6jVxK:jsz6QTsHjK
                                                                                                                                                                                                    MD5:CE445E184588973CE8051E0F493899AA
                                                                                                                                                                                                    SHA1:6C3FDA57EAA1578F1F644332833CCD8B71933FCF
                                                                                                                                                                                                    SHA-256:4695D26361CBD01C5E7B9D5B6B7BBA629893301CCBA52DE0FAA822A561D64CA1
                                                                                                                                                                                                    SHA-512:9E7E7465F55016BBBF52FD9300658488689B4C0F7B1FAA2B801ED4A18CD25D35951E950CCE80417F12A1EAF3FFD8B865F1A5E21A60B62B56FF37EA8FF4B87595
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// This is the SIP interface definition for QWinJumpListCategory...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_2_0 -)....class QWinJumpListCategory /Supertype=sip.wrapp

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWinExtras\qwinjumplistitem.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1844
                                                                                                                                                                                                    Entropy (8bit):5.071676769382164
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:WjC98mXIpmNDzVZRURU2SnOkpelFVwTPJcOc0Hxky2HBd3Q12ubGevSC13V6ha:j98RszhJhpepmxbceP2HB1Q1n9vZ1U8
                                                                                                                                                                                                    MD5:B336334F5A23337CB9BBB6E2E47498AA
                                                                                                                                                                                                    SHA1:F9E80856B8F93517D9363767A6C4B31C171E11E6
                                                                                                                                                                                                    SHA-256:BB7B91AEB472907B0CBA084A54A9035F9D7E7A3B2F2F2826AFE6640713F1BC08
                                                                                                                                                                                                    SHA-512:10C3482D29858E43063DB62632D10B393F702058687F3484E46478D9BA16ADF282337F49834981A09BB0B59FF6EA6828FAA92D1813D6BFD1574DA58199A7ACE0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// This is the SIP interface definition for QWinJumpListItem...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_2_0 -)....class QWinJumpListItem /Supertype=sip.wrapper/..{..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWinExtras\qwintaskbarbutton.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1644
                                                                                                                                                                                                    Entropy (8bit):5.184962831068816
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:WHce98mXIpmNDzVZRURU2SnOkpeGOA2aUf3cQ6PqWPZsniWABkfF:3e98RszhJhpe9APUfMQ6PbZgiWABs
                                                                                                                                                                                                    MD5:513F06E625BE6EBCA2DBBEC0E13EC321
                                                                                                                                                                                                    SHA1:401D51E3BBC6D5290AE6690E53B2AE695F37D372
                                                                                                                                                                                                    SHA-256:E21C5BE04212AB34CFD1E622FAB364F5A51D2B91EDAE13F1700DA39D0ABF80CC
                                                                                                                                                                                                    SHA-512:06E5D6D5CE690BEB8FE0363ADD7FEA24694F8D991BD473763981A0023A78D1E7320A31896CA0805F6103620E4EAAC0928338723DD6B2D9BE893D016D186F5EAB
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// This is the SIP interface definition for QWinTaskbarButton...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_2_0 -)....class QWinTaskbarButton : public QObject..{..%Type

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWinExtras\qwintaskbarprogress.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1923
                                                                                                                                                                                                    Entropy (8bit):5.081049756106582
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:F98RszhJhpecAazdPssCp1tWPlVJzalj3:Wsz6cAa98KeJ3
                                                                                                                                                                                                    MD5:FFF1C5E4628AB5A790A979A94B59BE1D
                                                                                                                                                                                                    SHA1:E631E9CA662770B24019AFF6356254FC585FB0AD
                                                                                                                                                                                                    SHA-256:FE0F89DAEF741991ACE6B2CF9D3D0B7C1AF142F07F5DD3EE86E812A93995C5A2
                                                                                                                                                                                                    SHA-512:863B05473281E85202BD47C3790BCB884A44CDD2C4DDDCF5B83CE20C204BE781209D257E0074C8B971B0751D68460896223FE8CE5518C52C1EA5C6D1245A5A14
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// This is the SIP interface definition for QWinTaskbarProgress...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_2_0 -)....class QWinTaskbarProgress : public QObject..{..%

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWinExtras\qwinthumbnailtoolbar.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2111
                                                                                                                                                                                                    Entropy (8bit):5.204909026233653
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:X98RszhJhpeIAURfPQ6Pptp0bVk6rHTS5l5k9:0sz6IA+PQ6fpRdXQ
                                                                                                                                                                                                    MD5:1910C8B25EBF16DFE0FD3205040AAB2E
                                                                                                                                                                                                    SHA1:61D2B4A2FCEBCF84D1F3DFDB0DF9A2756B2D7879
                                                                                                                                                                                                    SHA-256:DD821FDCE5ECDC32B69DD6BE506490D3D89321ECA9FDEDECBD82E233C8DF10F8
                                                                                                                                                                                                    SHA-512:F5EA2B423FCD2D812985420BC36A9CEB1108224352373F5B032403A2DFAD4EC5F13293496D9B89BF3EC50070D34D5DD757FB173A48E68709B754D6F3989942A4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// This is the SIP interface definition for QWinThumbnailToolBar...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_2_0 -)....class QWinThumbnailToolBar : public QObject..{.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtWinExtras\qwinthumbnailtoolbutton.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1824
                                                                                                                                                                                                    Entropy (8bit):5.090068375813715
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:WHke98mXIpmNDzVZRURU2SnOkpeeOA2iYfJP6d3QY6ykoByBfP6KU1:je98RszhJhpeVADYfJS1QY6ykoByBfS9
                                                                                                                                                                                                    MD5:C7813A1D930888956CCD2BE196279F54
                                                                                                                                                                                                    SHA1:EC88A2C5BF996DB8F4991E4AA56597EF6B3DDC1F
                                                                                                                                                                                                    SHA-256:5676E215310B0271198E3080F26D87C22195A02E2559CBE18AAA1D6D7104FE9C
                                                                                                                                                                                                    SHA-512:73190D7BC70E7822141751DCBAC3B361910D57F2E144C5B69353146FCEEEDF6AD9E4943DDD98D229C5EA067C95AB68005A3874D207D78542023C439F60E0E9AA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// This is the SIP interface definition for QWinThumbnailToolButton...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_2_0 -)....class QWinThumbnailToolButton : public QObje

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtXmlPatterns\QtXmlPatterns.toml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):188
                                                                                                                                                                                                    Entropy (8bit):5.089067865226622
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:SZ3GMiyT8QQCQIMQDKN5F/ovooMKxwehyIWWMKxtHO+Cm4o6Mvk/dkC1WiE4yn:SZDim82QIRG37oNthyIXo+Cm4o6Tdk6A
                                                                                                                                                                                                    MD5:01FE70A7F65428199FF0F5DFA9021FA7
                                                                                                                                                                                                    SHA1:5861A3C881FCA9F84CA8729FDDB882C523C0A552
                                                                                                                                                                                                    SHA-256:383B0F23B8CB164BB6168B34C3881DBC9C8559CE7EEF26D15AFC3A8ABDC486B6
                                                                                                                                                                                                    SHA-512:A3695C74ED4D3C260C0A55ED8A5382308F313627EA59EDA09923A48897EB0372C3DFB7FB04B276B38A404C46D25741AEEECE208E88E40C8470D8E1DE12F52079
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:# Automatically generated configuration for PyQt5.QtXmlPatterns.....sip-version = "6.8.6"..sip-abi-version = "12.15"..module-tags = ["Qt_5_15_2", "WS_WIN"]..module-disabled-features = []..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtXmlPatterns\QtXmlPatternsmod.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2436
                                                                                                                                                                                                    Entropy (8bit):5.167199269489319
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:szQ098RszhJh1dXxXJ98tAzhAS//O+WJuBS3h:JTszdRmAleaU3h
                                                                                                                                                                                                    MD5:6B7F87178C4BEBB131D2077E42E04525
                                                                                                                                                                                                    SHA1:EFCEBDD147AB6C4E6BB9145B6B958DC87DB61792
                                                                                                                                                                                                    SHA-256:187984660EE2715D624C4FC562DCE4A1521A28491654577FAB03F77350376C3F
                                                                                                                                                                                                    SHA-512:A315C5FE3CD5F2B10EC77F5278522F945436D226B64B4E6A2A72766F45F8234CCB35401E31B75AC7FF6B3BDED51160F038E307EB99F0B47EA375CE2CAA49955E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// QtXmlPatternsmod.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%Module(name=PyQ

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtXmlPatterns\qabstractmessagehandler.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2203
                                                                                                                                                                                                    Entropy (8bit):5.06421764988089
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:cPIQ098mXIpmNDzVZRURU2SnOka3vA23yapPFYFBSWNu+BIK0zexLzdw88aRZov:NQ098RszhJhafAmyxSf+xLzdz8Io
                                                                                                                                                                                                    MD5:EA185F6307CB92246C82A9205120D63D
                                                                                                                                                                                                    SHA1:49C56F67A777300F7CB297EC0D08272B3146FB32
                                                                                                                                                                                                    SHA-256:43CE73169D3F77A0D9DF719A7408B87A622306B2C9184C98E4B28C30ADF8D75C
                                                                                                                                                                                                    SHA-512:3129DDF849749C989D746CF8BE1CFFBDAFD676044D80B8E8EF11B089CCB1067EBA5E54C484032A1D1389F11EC40D4DF8F1A52F154B3DCC0CDAE972030C0551FA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qabstractmessagehandler.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAb

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtXmlPatterns\qabstracturiresolver.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1290
                                                                                                                                                                                                    Entropy (8bit):5.14640338035351
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:/PIQ098mXIpmNDzVZRURU2SnOkRA22wQYCAmov:oQ098RszhJhRAFwQYCAH
                                                                                                                                                                                                    MD5:B71A583C8E8CAB7295985FB97B4C2A67
                                                                                                                                                                                                    SHA1:D7C4623083E9794D0219435B8D32FA72237E723E
                                                                                                                                                                                                    SHA-256:327E56B1D609FECB9B093A6D25079A3166E928F20DDBFD4CA1E34BAE384B0FE0
                                                                                                                                                                                                    SHA-512:3DE8EA247486E0AB7171177A35F7FF9B977CBF27592D0F21725BE9D0C1003258DDEF8FB61A1AC04B529146A6B3390BEAD9987772785161C5B0EE640CE9B7C6BD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qabstracturiresolver.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAbstr

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtXmlPatterns\qabstractxmlnodemodel.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4353
                                                                                                                                                                                                    Entropy (8bit):5.045521710024932
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:zTsz5BCvE+YRcZmi1tf/+MduLElHp9vU/NKbu:/ECc+YR6mi1tf/+MduLElHfwl
                                                                                                                                                                                                    MD5:23C7F459B9BA1F7A4829EE9D3956395F
                                                                                                                                                                                                    SHA1:F4D5FB4A49EBA1F21DBED620EA26762E28E4D3C1
                                                                                                                                                                                                    SHA-256:754824FE0FFBDF8C509F5907350CCC60D8741B2FD87997B035349D888753CC76
                                                                                                                                                                                                    SHA-512:2E45C42E7672D5A54D666F31E6BEC51E14404CE0FD12F3D0734612FF025E595DDCB123E4B92EF96B4D0608A175C11F7CEB2A5CCA3E25C7CB57090A2277021B08
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qabstractxmlnodemodel.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QXmlN

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtXmlPatterns\qabstractxmlreceiver.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1881
                                                                                                                                                                                                    Entropy (8bit):5.081654584787499
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:rwQ098RszhJh/WcVftJc3EilVJYJxiiQqVEJly:lTszYcVtJcEilVJYJxiuVEJly
                                                                                                                                                                                                    MD5:362D4EE921CF17B8A158FD4743114307
                                                                                                                                                                                                    SHA1:1661D6ABEFF394DC7E5A9056E5723DE87EFE52CD
                                                                                                                                                                                                    SHA-256:84FE9115978AC3C441005A07547C00E622C4CB2AFC2503314A77BF94932ABAC6
                                                                                                                                                                                                    SHA-512:7AF80746ADEFC41FDF04C1E37DE1EB99E23216F91B1F6A9AD9B739EE2CB6B00C835275B3E6BDF1B10141EC4D585250B5235DBCEE12EC7C6422734146691E7349
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qabstractxmlreceiver.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAbstr

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtXmlPatterns\qsimplexmlnodemodel.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1626
                                                                                                                                                                                                    Entropy (8bit):5.14514644819171
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:BPIQ098mXIpmNDzVZRURU2SnOkeaxWQOvERlQJrcQQ/0ARQGPiQXmdG:KQ098RszhJhrZOGlQmQQciQPQXmG
                                                                                                                                                                                                    MD5:104E0F265172AA44D7AFD1B36DEBE3DC
                                                                                                                                                                                                    SHA1:082C9C2BE3BA8C88369BC22FAC9CB9D8F5D0C03F
                                                                                                                                                                                                    SHA-256:DE583EEC69098687CE3082FC17FB519F5272CA0B7F6D36A90D6C67FF6C3C8B9F
                                                                                                                                                                                                    SHA-512:90492B47FFCABB4FEF5ACD6F363C362B038D6B2E6E3427D2D7BB57D20087782D3E3261CA3DF951C76FAAF9B55858210A6743217CB9B3D17BE0CC7FD48B2968AC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qsimplexmlnodemodel.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSimple

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtXmlPatterns\qsourcelocation.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1659
                                                                                                                                                                                                    Entropy (8bit):5.114085657830249
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:QHQ098RszhJhyqtdasVRrj4K6xyw3uYRn:9TszYidaagN+YRn
                                                                                                                                                                                                    MD5:C1392DB7A39C0C1AE16AF418DAA6DE81
                                                                                                                                                                                                    SHA1:D7EDB422BF012321FC5FA0D2DBEC34F16A73D541
                                                                                                                                                                                                    SHA-256:45C726D73437EF9FD266CE5B9245117A315A6EF2F3AF332A0D483D0430519874
                                                                                                                                                                                                    SHA-512:11C562E89CEB9044567E6958214F31ABE5DC14FEFAFEF42BDE27E390FEF5D17BAD7FB89682B4839B08A888DED6053F0AA7C1F0800CB22A7D4443E4FEDBAB46CD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qsourcelocation.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSourceLoca

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtXmlPatterns\qxmlformatter.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1786
                                                                                                                                                                                                    Entropy (8bit):5.075474493551537
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:TQ098RszhJhi/x9gmEZVw96cY/ZiQRl6G6NguO:0TszM9gmEZW96T/ZNl6G6NnO
                                                                                                                                                                                                    MD5:B141BD07EA515BA288176EC7CA60F768
                                                                                                                                                                                                    SHA1:CCB30053AE3F609A85422B20C433BEE9EE6E4348
                                                                                                                                                                                                    SHA-256:E6CE9CBFDE96E0D8FC8038CF3397B94062A45C2DFC8E65F39636343955FB8808
                                                                                                                                                                                                    SHA-512:584966EECD6DDE1EC424BFFF7738873A9678D24D719DC57217D72D7D3487A3B3A20EEED4F72A8D7EF32F07F864958D3C8F85E6942DBDE1EA779837EDA1929154
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qxmlformatter.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QXmlFormatter

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtXmlPatterns\qxmlname.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1860
                                                                                                                                                                                                    Entropy (8bit):5.15395770611283
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:IQ098RszhJhX0bumZbZVZSrnc74KTw3uYRn:BTszzKdP1M+YRn
                                                                                                                                                                                                    MD5:084FCEF0DFCFF9986B79CE74455EE1FC
                                                                                                                                                                                                    SHA1:E1EDEBFD9FB7D224EF174F35FE9FD4B2B433D194
                                                                                                                                                                                                    SHA-256:899F3B161DD059C93B6378085C30A98D51CE0E8D56C06BDF5003623D40FFAD9D
                                                                                                                                                                                                    SHA-512:EAB85FD5FCFEF2187482CD48785971C5A35D26CF9BC23177339691BC0B6C87BB7D9E802A277FCE274D443323346E8943FD45559F5A7DDF49D22E059CEB1B2663
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qxmlname.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QXmlName..{..%Type

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtXmlPatterns\qxmlnamepool.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1157
                                                                                                                                                                                                    Entropy (8bit):5.1563041110498
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:83+PIQ098mXIpmNDzVZRURU2SnOkONq0I6X:KHQ098RszhJh4qb6X
                                                                                                                                                                                                    MD5:DD303ED19A05B53E672702EE2F3012AC
                                                                                                                                                                                                    SHA1:1F65B425A5AC9885020295531B51A7A1B90A46B6
                                                                                                                                                                                                    SHA-256:CDA39C1E49D0CB3781A51064CE2A9DBF380E05341B6923D40CAC8D08E3A83575
                                                                                                                                                                                                    SHA-512:4B37FBCD0DC47A4864DF52C9D9054ABF0B858A3E61A5141B03910DB64FB7A9268678DADB009405F08FB493E0A0C6D8419428F9EFAAEE585EED140B592E2206A2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qxmlnamepool.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QXmlNamePool..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtXmlPatterns\qxmlquery.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4503
                                                                                                                                                                                                    Entropy (8bit):5.0382129773213595
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:8PTszbBWuc97q6Lr9HpeENL9pL9lg7Yadz4Iv4hsdzIIv4+e+sIMI:8bW8peEeRdVdwTI
                                                                                                                                                                                                    MD5:6FE0D2EE52FF96EA18720765B463212F
                                                                                                                                                                                                    SHA1:76FD5D0CAF222FF6E77BA59D15C485C925FBCDC0
                                                                                                                                                                                                    SHA-256:5C7CE721B46EFC92D46062FAA8B28CDA31FBB0DFD028BBE53760D3E1E6873682
                                                                                                                                                                                                    SHA-512:540B0DF800819C88281C17C135F9996226AD481A8E087D1F994BEBE8AFB40F0018D35B58FE69578CE99BBD63D713E0582EDF10A1BBF842D9F8D4163D770AB8A3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qxmlquery.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QXmlQuery..{..%Ty

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtXmlPatterns\qxmlresultitems.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1274
                                                                                                                                                                                                    Entropy (8bit):5.137146498922111
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:MvYPIQ098mXIpmNDzVZRURU2SnOk0n7mCR8D6UR3XWR3I3BPv/:iQ098RszhJh8mwQ6UR3XWR3IF/
                                                                                                                                                                                                    MD5:9898A353E13C22760092B54D49D00F52
                                                                                                                                                                                                    SHA1:2E8A2BAF15FDF293AC5FA368C5BBFE6794EB58CF
                                                                                                                                                                                                    SHA-256:A511AE99855A88F7F3B258FC1A923EC81F58667778FFF462CCF320BC9D41010E
                                                                                                                                                                                                    SHA-512:BBB8AE86AC8093967010302917641EA7EE76CBA5742F536E2D08AEF3820A38E103A9F399AB0290A75F01FFD5E360E2845D72ED657C3BC825FBA6CEC539A1A655
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qxmlresultitems.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QXmlResultI

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtXmlPatterns\qxmlschema.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1928
                                                                                                                                                                                                    Entropy (8bit):5.14044123564907
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:gQ098RszhJhf4wo41PmXHiKuuyOLAcSyS7ZG:pTszN1Pmhs2
                                                                                                                                                                                                    MD5:406BB8AF9502524289431AD83E656762
                                                                                                                                                                                                    SHA1:6F0EF7F7BD1FF114242207ABEA3FB98356147925
                                                                                                                                                                                                    SHA-256:5C29B0A2300F75F2EF6598DB74EF1B4812ED6DB4F7481E0A9B8B94E0F8FD20C9
                                                                                                                                                                                                    SHA-512:ED58551BC643969F5E914D5FF86E2063EC71F62D1F1D90A34584D603B8747317052E6A37C01446A61D7ECA2E8B6E3C6DB89EE20360702A315A2B0EC3CD743BB5
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qxmlschema.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QXmlSchema..{..%

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtXmlPatterns\qxmlschemavalidator.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2485
                                                                                                                                                                                                    Entropy (8bit):5.081059419334597
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:F3wQ098RszhJhQHo9NHBHsQAHqAUjlmHPuIqlveCuuyOLAcSyS7ZYHHHO:F3ZTszSo7ZDgxOlFPleKsYnO
                                                                                                                                                                                                    MD5:3A0EAAFE20653334F0EBE8044F12C9E0
                                                                                                                                                                                                    SHA1:F2F34676EA6C639628A9375E88ECBFA105A3D458
                                                                                                                                                                                                    SHA-256:6A8754160F31FCE93116062F9B52FDF87C1EC949B96EF8E8A5F43A5BC90C3936
                                                                                                                                                                                                    SHA-512:28F49904E46742B5D37E4B61BEFBA75578037F975055A115D38839A23DA7559717FE99626861F0E47F13DB9321DF03A4773648FCDD19BD47C660605A3F0E664A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qxmlschemavalidator.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QXmlSch

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtXmlPatterns\qxmlserializer.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1912
                                                                                                                                                                                                    Entropy (8bit):5.088212975749985
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:nQ098RszhJhxp9gnmEZVw96cY/ZiQRl6G6N5uG:QTszx9gnmEZW96T/ZNl6G6Nl
                                                                                                                                                                                                    MD5:86E36CFD54F5BF231FE2495353286070
                                                                                                                                                                                                    SHA1:72142CDDCFFAA39F11EA98DAD19A9DF2DA793E30
                                                                                                                                                                                                    SHA-256:002A3C3C7EB2D0A7941BCB6A3299EC38D8C675D21C8D8356A7214A1282CBA2F2
                                                                                                                                                                                                    SHA-512:87381E47023AC97FD13AA70FA333C56720DDED6F52615E3D461C6FBF0B80A98B2036C6F9033C1CE60E67F0F272EDBC2CB22670589E57D4F18D0A55C8A7D36C13
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qxmlserializer.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QXmlSerializ

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtXml\QtXml.toml

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):180
                                                                                                                                                                                                    Entropy (8bit):5.101634367073669
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:SZ3GMiyT8QQCQIMQDKN57wvAMKxwehyIWWMKxtHO+Cm4o6Mvk/dkC1WiE4yn:SZDim82QIRG7NthyIXo+Cm4o6Tdk6An
                                                                                                                                                                                                    MD5:141A7B2580E56D9CA749D110017FBF31
                                                                                                                                                                                                    SHA1:A99020B78A6EE718DA37C2C13353717F82419704
                                                                                                                                                                                                    SHA-256:1B14D0DF94A26F8F607FD05AC2781E5CC0AB51154255B6440B02DF7551230AD2
                                                                                                                                                                                                    SHA-512:525697385419918CC02E6377B0B11FC2C4BCBC7761E1E7D6097015586C568F3E07FD40B21C1F231C65E08DE3E20E6539E64C67CAFAB653CDBE63D860B9BAEE31
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:# Automatically generated configuration for PyQt5.QtXml.....sip-version = "6.8.6"..sip-abi-version = "12.15"..module-tags = ["Qt_5_15_2", "WS_WIN"]..module-disabled-features = []..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtXml\QtXmlmod.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1986
                                                                                                                                                                                                    Entropy (8bit):5.162272830181779
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:tWiB098mXIpmNDzVZRURU2SnOka/T986wiND/fZR02ASBOk/KViX:L098RszhJhab98tAzhAS//OE
                                                                                                                                                                                                    MD5:96296AF1961A9EF718B64499708C132A
                                                                                                                                                                                                    SHA1:CCBDC46179D718061F0E7A162FBBE77F0E03DE03
                                                                                                                                                                                                    SHA-256:D3606EE0D194EC61FFF040340511DDA6A68DF1E2C3AF13409C29BBC7AAF55BB4
                                                                                                                                                                                                    SHA-512:01F49943D3FADF4582CF4A477A0435BCD50CC26A394E8372F110650CBD3A6FF9DA8BE37AF52105F906C080ED48332596BB9FC86EA0314B5BB08E1AE6D3D53332
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// QtXmlmod.sip generated by MetaSIP..//..// This file is part of the QtXml Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%Module(name=PyQt5.QtXml, keywor

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtXml\qdom.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):14946
                                                                                                                                                                                                    Entropy (8bit):4.93688210140852
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:wdRjiA43UZRe+Qh7QRSKCIBwAGpfn2oZhy4aCA2Vgf5AhQHCe2h7rY:UR+WRSXIB/mfPZhyaydz
                                                                                                                                                                                                    MD5:544BFCBCAB7ADEBE55B1DA257C842137
                                                                                                                                                                                                    SHA1:2731CD4F5EB278A9C417E506EE2E16C92A7CEED3
                                                                                                                                                                                                    SHA-256:644749D664F7F70E38B584CBE520391DBBA9553F88117D7F9454A96D909E6535
                                                                                                                                                                                                    SHA-512:17C789A898A0EE7754DE1DDAEA23405CA72A3DBAF5EE6F17401B0C9F3E005538E4293FC9D908C1D813DB571815598A04401D4621626043A4F8B07AA4E595D6F7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qdom.sip generated by MetaSIP..//..// This file is part of the QtXml Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QDomImplementation..{..%TypeHe

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\bindings\QtXml\qxml.sip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):12509
                                                                                                                                                                                                    Entropy (8bit):4.98635824365365
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:l1L4h9NmnjttbwXmXXBfoXqdQxfQ1RQNfQdLQ5fQlXHX1eX14Xqw3XR9ap2xenuJ:Rt2MCI3oqB5goRVA2GuJUkyPegYMdriN
                                                                                                                                                                                                    MD5:C5CF173988B2B73B272E22CCB5E142A8
                                                                                                                                                                                                    SHA1:BB1461335F327626F9C31DC2407AF88ACE04AACC
                                                                                                                                                                                                    SHA-256:146FC5493AC275778976AEBE2421208B126463BD6DB109ABA5FB62F9BED31CA2
                                                                                                                                                                                                    SHA-512:D855F6BDA30843862CB9E3A888C89579DA1E37A58EDC19A964DC092C5F8E0FB5FFE471622BB7E79CD3113DBBB06D67C54D731F6CED330D61E39614A94239F5EE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:// qxml.sip generated by MetaSIP..//..// This file is part of the QtXml Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QXmlNamespaceSupport..{..%Type

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\PyQt5\sip.pyi

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Python script, ASCII text executable
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2959
                                                                                                                                                                                                    Entropy (8bit):4.867947688553428
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:8x0NnYE4m+XquxNO6jz5e6ouCtu1Ela6JeIZrId4NZpk8aaxUhGVJLEWZ5rXHndg:Rt4m2q2NO6n5e6ouCteEJJeIZrId2/kf
                                                                                                                                                                                                    MD5:3D91D607972FF817AEBF990C4002B7E7
                                                                                                                                                                                                    SHA1:68813FA4425625343BCA17606DD069EBC6A94B72
                                                                                                                                                                                                    SHA-256:FB08D54F87130BD9EBA2B42A99322DF1B687D7DBCF5BD660AC8A6E0FAB446BB7
                                                                                                                                                                                                    SHA-512:2E406FB65882E593135B4F5D8BE1DBD5AAC72C92CE7A3DD0AA667555A8CCB3BF7D066DD89E2AF8A17B11ED7FCFAE3F29A130515C4410052FDA615B44BFE18407
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:# SPDX-License-Identifier: BSD-2-Clause..# Copyright (c) 2024 Phil Thompson <phil@riverbankcomputing.com>...from typing import Any, Generic, Iterable, overload, Sequence, TypeVar, Union...# PEP 484 has no explicit support for the buffer protocol so we just name types.# we know that implement it..Buffer = Union[bytes, bytearray, memoryview, 'array', 'voidptr']...# Constants..SIP_VERSION = ... # type: int.SIP_VERSION_STR = ... # type: str...# The bases for SIP generated types..class wrappertype:. def __init__(self, *args, **kwargs) -> None: .....class simplewrapper:. def __init__(self, *args, **kwargs) -> None: .....class wrapper(simplewrapper): ......# The array type.._T = TypeVar('_T')..class array(Sequence[_T], Generic[_T]):.. @overload. def __getitem__(self, key: int) -> _T: .... @overload. def __getitem__(self, key: slice) -> 'array[_T]': ..... @overload. def __setitem__(self, key: int, value: _T) -> None: .... @overload. def __setitem__(self, k

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\VCRUNTIME140.dll

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):98224
                                                                                                                                                                                                    Entropy (8bit):6.452201564717313
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:ywqHLG4SsAzAvadZw+1Hcx8uIYNUzUoHA4decbK/zJNuw6z5U:ytrfZ+jPYNzoHA4decbK/FNu51U
                                                                                                                                                                                                    MD5:F34EB034AA4A9735218686590CBA2E8B
                                                                                                                                                                                                    SHA1:2BC20ACDCB201676B77A66FA7EC6B53FA2644713
                                                                                                                                                                                                    SHA-256:9D2B40F0395CC5D1B4D5EA17B84970C29971D448C37104676DB577586D4AD1B1
                                                                                                                                                                                                    SHA-512:D27D5E65E8206BD7923CF2A3C4384FEC0FC59E8BC29E25F8C03D039F3741C01D1A8C82979D7B88C10B209DB31FBBEC23909E976B3EE593DC33481F0050A445AF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......*..qn.."n.."n.."...#l.."g.."e.."n.."B.."<..#c.."<..#~.."<..#q.."<..#o.."<.g"o.."<..#o.."Richn.."................PE..d...%|.a.........." .........`......p................................................{....`A.........................................B..4....J...............p..X....X...'..........h,..T............................,..8............................................text............................... ..`.rdata...@.......B..................@..@.data...@....`.......@..............@....pdata..X....p.......D..............@..@_RDATA...............P..............@..@.rsrc................R..............@..@.reloc...............V..............@..B........................................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\VCRUNTIME140_1.dll

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):37256
                                                                                                                                                                                                    Entropy (8bit):6.297533243519742
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:5hnvMCmWEKhUcSLt5a9k6KrOE5fY/ntz5txWE6Wc+Xf0+uncS7IO5WrCKWU/tQ0g:YCm5KhUcwrHY/ntTxT6ov07b4SwY1zl
                                                                                                                                                                                                    MD5:135359D350F72AD4BF716B764D39E749
                                                                                                                                                                                                    SHA1:2E59D9BBCCE356F0FECE56C9C4917A5CACEC63D7
                                                                                                                                                                                                    SHA-256:34048ABAA070ECC13B318CEA31425F4CA3EDD133D350318AC65259E6058C8B32
                                                                                                                                                                                                    SHA-512:CF23513D63AB2192C78CAE98BD3FEA67D933212B630BE111FA7E03BE3E92AF38E247EB2D3804437FD0FDA70FDC87916CD24CF1D3911E9F3BFB2CC4AB72B459BA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......D_.O.>...>...>...N...>..RK...>...F^..>...>..1>..RK...>..RK...>..RK...>..RK...>..RK2..>..RK...>..Rich.>..........................PE..d...)|.a.........." .....:...6......`A....................................................`A.........................................l.......m..x....................n...#......<...(b..T............................b..8............P..X............................text...e9.......:.................. ..`.rdata.. "...P...$...>..............@..@.data... ............b..............@....pdata...............d..............@..@.rsrc................h..............@..@.reloc..<............l..............@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\__future__.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4111
                                                                                                                                                                                                    Entropy (8bit):5.369041535051993
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:sgdNzUuGd+P2sKNsNWAom2j8SJ4n2OEyEqgZ5UZnlT5EIPiRu8COuc/:N4BRRAom1VIqgDiWlXuc/
                                                                                                                                                                                                    MD5:A60B1334D3429A02E70C5A0574F2AF5D
                                                                                                                                                                                                    SHA1:CE11640237857D436B089B1E6233F9D4CF2DB271
                                                                                                                                                                                                    SHA-256:F18CB1E450A6C67182ADC35C75A89F66E35F4215D7945DEA21FB429DAABAD20B
                                                                                                                                                                                                    SHA-512:7281F44FC95CC71E22954829C1FE00258BF2A764F4D8191F53F5C30224B1397FD97DA967E0118D471A07EC4C60A911721FE6D03CB9783671BA58620C288E6B24
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@........d.Z.g.d...Z.d.g.e...Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.G.d.d...d...Z.e.d.d.e...Z.e.d.d.e...Z.e.d.d.e...Z.e.d.d.e...Z.e.d.d.e...Z.e.d.d.e...Z.e.d.d.e...Z.e.d.d.e...Z.e.d.d.e...Z.e.d.d.e...Z.d.S.)..n...Record of phased-in incompatible language changes...Each line is of the form:.. FeatureName = "_Feature(" OptionalRelease "," MandatoryRelease ",". CompilerFlag ")"..where, normally, OptionalRelease < MandatoryRelease, and both are 5-tuples.of the same form as sys.version_info:.. (PY_MAJOR_VERSION, # the 2 in 2.1.0a3; an int. PY_MINOR_VERSION, # the 1; an int. PY_MICRO_VERSION, # the 0; an int. PY_RELEASE_LEVEL, # "alpha", "beta", "candidate" or "final"; string. PY_RELEASE_SERIAL # the 3; an int. )..OptionalRelease records the first release in which.. from __future__ import FeatureName..was accepted...In the case of MandatoryReleases that have not yet occurred,.MandatoryRelease pre

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\_brotli.cp310-win_amd64.pyd

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):820736
                                                                                                                                                                                                    Entropy (8bit):6.056282443190043
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12288:tY0Uu7wLsglBv4i5DGAqXMAHhlyL82XTw05nmZfRFo:tp0NA1tAmZfR
                                                                                                                                                                                                    MD5:EE3D454883556A68920CAAEDEFBC1F83
                                                                                                                                                                                                    SHA1:45B4D62A6E7DB022E52C6159EEF17E9D58BEC858
                                                                                                                                                                                                    SHA-256:791E7195D7DF47A21466868F3D7386CFF13F16C51FCD0350BF4028E96278DFF1
                                                                                                                                                                                                    SHA-512:E404ADF831076D27680CC38D3879AF660A96AFC8B8E22FFD01647248C601F3C6C4585D7D7DC6BBD187660595F6A48F504792106869D329AA1A0F3707D7F777C6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......5.r.q...q...q...x...y......s...:...s......|......y......r.....r...q...L.....Q.....p.....p.....p...Richq...........PE..d... ..d.........." ...#.@...H.......F....................................................`.........................................@c..`....c.......................................9..............................P8..@............P...............................text....?.......@.................. ..`.rdata.......P.......D..............@..@.data........p.......`..............@....pdata...............h..............@..@.rsrc...............................@..@.reloc..............................@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\_bz2.pyd

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):83736
                                                                                                                                                                                                    Entropy (8bit):6.595094797707322
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:hXOz78ZqjUyAsIi7W/5+D8W35mjZm35ILCVM7SyfYPxe:pOzwpyAFi7WMgW34jZm35ILCVMZoxe
                                                                                                                                                                                                    MD5:86D1B2A9070CD7D52124126A357FF067
                                                                                                                                                                                                    SHA1:18E30446FE51CED706F62C3544A8C8FDC08DE503
                                                                                                                                                                                                    SHA-256:62173A8FADD4BF4DD71AB89EA718754AA31620244372F0C5BBBAE102E641A60E
                                                                                                                                                                                                    SHA-512:7DB4B7E0C518A02AE901F4B24E3860122ACC67E38E73F98F993FE99EB20BB3AA539DB1ED40E63D6021861B54F34A5F5A364907FFD7DA182ADEA68BBDD5C2B535
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........d.>...m...m...m.}<m...m.p.l...m.jRm...m.p.l...m.p.l...m.p.l...mup.l...m.}.l...m...m...mup.l...mup.l...mupPm...mup.l...mRich...m................PE..d.....,d.........." .........\..............................................P............`......................................... ...H...h........0....... ..,......../...@......`...T...............................8............................................text.............................. ..`.rdata...=.......>..................@..@.data...............................@....pdata..,.... ......................@..@.rsrc........0......................@..@.reloc.......@......................@..B................................................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\_compat_pickle.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5850
                                                                                                                                                                                                    Entropy (8bit):5.798867776989796
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:4PgbBl/+DUvOvdW7Javt9PVNkpsv7ve6Paki8oV9CBfbywQMKL7KEQ:s9DJnTMEGwa8orGuzL2EQ
                                                                                                                                                                                                    MD5:EEB2B8AB4EDE37624F78125E6536B2D6
                                                                                                                                                                                                    SHA1:84A839D69C5DA6243A44408CF73FC6D69EDA23E2
                                                                                                                                                                                                    SHA-256:2E239A6152E54E6C318AC96EBA30B09C8E7FC107B18367905554078820B71DAF
                                                                                                                                                                                                    SHA-512:D204C20E8754B49F0F3ECEDF09E71A20095D34A3AC03ACCC7223D0A70A16970DDC081516239855C0797D6D6A535450B94D3B7469E8BDC02B14CCC80CAD7119EC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....$...i.d.d...d.d...d.d...d.d...d.d...d.d...d.d...d.d...d.d...d.d...d.d...d.d...d.d...d.d...d.d...d.d...d d!..i.d"d#..d$d%..d&d'..d(d)..d*d+..d,d-..d.d/..d0d1..d2d3..d4d5..d6d7..d8d9..d:d;..d<d=..d>d?..d@dA..dBdC....dDdEdFdGdHdId2dJdK....Z.i.dLdM..dNdO..dPdQ..dRdS..dTdU..dVdW..dXdY..dZd[..d\d]..d^d_..d`da..dbdc..ddde..dfdg..dhdi..djdk..dldm..i.dndo..dpdq..drds..dtdu..dvdw..dxdy..dzd{..d|d}..d~d...d.d...d.d...d.d...d.d...d.d...d.d...d.d.....Z.d.Z.z.e...W.n...e.y.......Y.n.w.e.d.7.Z.e.D.].Z.d.e.f.e.d.e.f.<.q.d.Z.e.D.].Z.d.e.f.e.d.e.f.<...q.e.d.d...e.....D.....Z.e.e...e.e...k...s#J...e.d.d...e.....D.....Z.e.e...e.e...k...s9J...e...d.d.d.d.d9dDdDd.d.d.d2d.d.d.......e...d.d2d.d4d.d.......e...dUd.dcd.d.......e...dNd.d.d.d.d.d.d.d.d.d.d.d.d.......d.Z.e.D.].Z.d.e.d.e.f.<...qxd.Z.e.D.].Z.d.e.d.e.f.<...q.d.S.)...__builtin__..builtins..copy_reg..copyreg..Queue..queue..SocketServer..socketserver..ConfigParser..configparser..repr..reprlib..tkFileDialog..tkint

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\_compression.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4490
                                                                                                                                                                                                    Entropy (8bit):5.165556045339323
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:EnAZxmr5vc6bSCemAP4Q9XEVjFiMOG6u7zTw4QYWvPyfRquDMfHWPw6:EN3DYJfhLww4QYWaRqwMPWPV
                                                                                                                                                                                                    MD5:720CB15D3B7E81E5F5B94D49342A1E82
                                                                                                                                                                                                    SHA1:1427C71826D2B48E49FACB12824607625C33A1EB
                                                                                                                                                                                                    SHA-256:30D93ED2C952313FA7DAD7441A91A7895B7F8639CB659C2DCDFCA18F0FCDFCFC
                                                                                                                                                                                                    SHA-512:ABC404A9E4E8B778E7CE8A78E934724DDCCC3962F17329651285FA72AFFC87811EFD9E6DCE664D5BC4BFA07E59BF88520766CF35ACAE7826C9D26054BF1CFA44
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....B...d.Z.d.d.l.Z.d.d.l.Z.e.j.Z.G.d.d...d.e.j...Z.G.d.d...d.e.j...Z.d.S.)..7Internal classes used by the gzip, lzma and bz2 modules.....Nc....................@....0...e.Z.d.Z.d.Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.S.)...BaseStream..Mode-checking helper functions.c....................C........|.j.r.t.d.....d.S.).N..I/O operation on closed file....closed..ValueError....self..r......_compression.py.._check_not_closed.................BaseStream._check_not_closedc....................C........|.....s.t...d.....d.S.).N..File not open for reading....readable..io..UnsupportedOperationr....r....r....r......_check_can_read.................BaseStream._check_can_readc....................C...r....).N..File not open for writing....writabler....r....r....r....r....r......_check_can_write....r......BaseStream._check_can_writec....................C....(...|.....s.t...d.....|.....s.t...d.....d.S.).N.3Seeking is only supported on files open for reading.3The underlyin

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\_decimal.pyd

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):254744
                                                                                                                                                                                                    Entropy (8bit):6.564308911485739
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6144:3LT2sto29vTlN5cdIKdo4/3VaV8FlBa9qWMa3pLW1A/T8O51j4iab9M:H2s/9vTlPcdk4vVtFU98iIu
                                                                                                                                                                                                    MD5:20C77203DDF9FF2FF96D6D11DEA2EDCF
                                                                                                                                                                                                    SHA1:0D660B8D1161E72C993C6E2AB0292A409F6379A5
                                                                                                                                                                                                    SHA-256:9AAC010A424C757C434C460C3C0A6515D7720966AB64BAD667539282A17B4133
                                                                                                                                                                                                    SHA-512:2B24346ECE2CBD1E9472A0E70768A8B4A5D2C12B3D83934F22EBDC9392D9023DCB44D2322ADA9EDBE2EB0E2C01B5742D2A83FA57CA23054080909EC6EB7CF3CA
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........76..VX..VX..VX.....VX..#Y..VX..#]..VX..#\..VX..#[..VX.t#Y..VX...Y..VX..VY.+VX.t#[..VX.t#U..VX.t#X..VX.t#...VX.t#Z..VX.Rich.VX.........................PE..d.....,d.........." .....|...:.......................................................r....`..........................................T..P...0U...................'......./......<...0...T...............................8............................................text....{.......|.................. ..`.rdata..............................@..@.data....)...p...$...X..............@....pdata...'.......(...|..............@..@.rsrc...............................@..@.reloc..<...........................@..B........................................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\_hashlib.pyd

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):64792
                                                                                                                                                                                                    Entropy (8bit):6.223467179037751
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:/smKJPganCspF1dqZAC2QjP2RILOIld7SyEPxDF:/smKpgNoF1dqZDnjP2RILOIv2xB
                                                                                                                                                                                                    MD5:D4674750C732F0DB4C4DD6A83A9124FE
                                                                                                                                                                                                    SHA1:FD8D76817ABC847BB8359A7C268ACADA9D26BFD5
                                                                                                                                                                                                    SHA-256:CAA4D2F8795E9A55E128409CC016E2CC5C694CB026D7058FC561E4DD131ED1C9
                                                                                                                                                                                                    SHA-512:97D57CFB80DD9DD822F2F30F836E13A52F771EE8485BC0FD29236882970F6BFBDFAAC3F2E333BBA5C25C20255E8C0F5AD82D8BC8A6B6E2F7A07EA94A9149C81E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........Q..b?..b?..b?......b?..>..b?..:..b?..;..b?..<..b?.2.>..b?..>..b?.7.>..b?..b>.pb?.2.2..b?.2.?..b?.2....b?.2.=..b?.Rich.b?.........PE..d.....,d.........." .....P...........<....................................................`............................................P...0............................/......T....k..T............................k..8............`.. ............................text....N.......P.................. ..`.rdata..4P...`...R...T..............@..@.data...H...........................@....pdata..............................@..@.rsrc...............................@..@.reloc..T...........................@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\_lzma.pyd

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):158488
                                                                                                                                                                                                    Entropy (8bit):6.8491143497239655
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3072:j0k3SXjD9aWpAn3rb7SbuDlvNgS4fWqEznfo9mNoFTSlXZ8Ax5ILZ1GIxq:j0kiXjD9v8X7Euk4wYOFTafxn
                                                                                                                                                                                                    MD5:7447EFD8D71E8A1929BE0FAC722B42DC
                                                                                                                                                                                                    SHA1:6080C1B84C2DCBF03DCC2D95306615FF5FCE49A6
                                                                                                                                                                                                    SHA-256:60793C8592193CFBD00FD3E5263BE4315D650BA4F9E4FDA9C45A10642FD998BE
                                                                                                                                                                                                    SHA-512:C6295D45ED6C4F7534C1A38D47DDC55FEA8B9F62BBDC0743E4D22E8AD0484984F8AB077B73E683D0A92D11BF6588A1AE395456CFA57DA94BB2A6C4A1B07984DE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........l.M...M...M...D..I.......O.......F.......E.......N.......N.......O...M...(.......w.......L.......L.......L...RichM...................PE..d...&.,d.........." .....`..........p3...............................................4....`.............................................L.......x....`.......@.......<.../...p..D...H{..T............................{..8............p...............................text....^.......`.................. ..`.rdata.......p.......d..............@..@.data........0......................@....pdata.......@......................@..@.rsrc........`.......0..............@..@.reloc..D....p.......:..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\_py_abc.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4661
                                                                                                                                                                                                    Entropy (8bit):5.366184653905742
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:f+v2XIUHa2+J6DQkj152HrcYIRNZS/hGbU5sXoYmwS9/oo8HQU/lisuXaNg6NWyq:u24OzQ6M8152LiRe4bUsXBmwS9/oo8HW
                                                                                                                                                                                                    MD5:7A408C1218E8AEE594B89D6FF2400903
                                                                                                                                                                                                    SHA1:6B25E97F692480B5433F4E41927BF20A691742F0
                                                                                                                                                                                                    SHA-256:16108604C0D58C699155ADCED128D325EA0374E6515AECD4F1748BA8740D37CB
                                                                                                                                                                                                    SHA-512:82CF32693B3DD9E52D40BED7DCA30A403A75D85A5703C120288D531AE379179030C136B851F43DA99AB33EA42FD06665F172EAD36301CB05265AEDF6CC354EF2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....(...d.d.l.m.Z...d.d...Z.G.d.d...d.e...Z.d.S.)..........WeakSetc....................C........t.j.S.)...Returns the current ABC cache token... The token is an opaque object (supporting equality testing) identifying the. current version of the ABC cache for virtual subclasses. The token changes. with every call to ``register()`` on any ABC.. ....ABCMeta.._abc_invalidation_counter..r....r......_py_abc.py..get_cache_token...........r....c.........................V...e.Z.d.Z.d.Z.d.Z...f.d.d...Z.d.d...Z.d.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.....Z.S.).r.....h...Metaclass for defining Abstract Base Classes (ABCs)... Use this metaclass to create an ABC. An ABC can be subclassed. directly, and then acts as a mix-in class. You can also register. unrelated concrete classes (even built-in classes) and unrelated. ABCs as 'virtual subclasses' -- these and their descendants will. be considered subclasses of the registering ABC b

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\_pydecimal.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):157693
                                                                                                                                                                                                    Entropy (8bit):5.529360331452323
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3072:8fxaRDo8V+4x1pX1mjJhWRoq4nz3nvAfT:8fxc834x1pkjJhWRz4nz3vAfT
                                                                                                                                                                                                    MD5:4D2E16B1434EFE6959C2FA774F6B86B3
                                                                                                                                                                                                    SHA1:66159A4D5CB0444E2D2461F319613B13DCEC5583
                                                                                                                                                                                                    SHA-256:31856E427160D4D677E75AE3D73671A01AB05105FDEBB9D4B62DF199E3806593
                                                                                                                                                                                                    SHA-512:B8AFE4EFBF28BDB5280F4B221D0DD349A87CF16ABD7DD662865A0DA5E55DC2D2CC9EE8D66FA3B2E9ADF56717DC99A0989739F7FC5CD786958D09C3B165E00C4D
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....p...d.Z.g.d...Z.e.Z.d.Z.d.Z.d.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.z.d.d.l.m.Z...e.d.d...Z.W.n...e.y4......d.d...Z.Y.n.w.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.e.j.d.k.rUd.Z.d.Z.d.Z.n.d.Z.d.Z.d.Z.e.e.d.....Z.G.d.d...d.e...Z G.d.d...d.e ..Z!G.d.d ..d e ..Z"G.d!d"..d"e"..Z#G.d#d$..d$e e$..Z%G.d%d&..d&e"..Z&G.d'd(..d(e"e$..Z'G.d)d*..d*e ..Z(G.d+d,..d,e"..Z)G.d-d...d.e ..Z*G.d/d0..d0e ..Z+G.d1d2..d2e(e*..Z,G.d3d4..d4e(e*e+..Z-G.d5d6..d6e e...Z/e!e%e(e,e*e-e"e+e/g.Z0e#e"e&e"e'e"e)e"i.Z1e.e.e.e.e.e.e.e.f.Z2d.d.l3Z3e3.4d7..Z5d8d9..Z6d:d;..Z7[3d.d<d=..Z8G.d>d?..d?e9..Z:d.dAdB..Z;e.j<.=e:....G.dCdD..dDe9..Z>G.dEdF..dFe9..Z?G.dGdH..dHe9..Z@d.dIdJ..ZAeBjCZDdKdL..ZEdMdN..ZFdOdP..ZGdQdR..ZHd.dTdU..ZIdVdW..ZJdXdY..ZKG.dZd[..d[e9..ZLeL..jMZNd.d\d]..ZOd^d_..ZPd`da..ZQdbdcdddedfdgdhdidjdk..f.dldm..ZRd.dndo..ZSd.dpdq..ZTe?dre.e%e,e"g.g.dsdtd.d.du..ZUe?dve.e%e,e"e!e-g.g.dw..ZVe?dve.g.g.dw..ZWd.d.lXZXeX.YdxeXjZeXj[B...j\Z]eX.Ydy..j\Z^eX.Ydz..j\Z_eX.Yd{eXjZeXj`B...Za[Xz.d.d.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\_queue.pyd

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):31512
                                                                                                                                                                                                    Entropy (8bit):6.563116725717513
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:bxrUGCpa6rIxdK/rAwVILQU85YiSyvz5PxWEaAc:trUZIzYrAwVILQUG7SydPxDc
                                                                                                                                                                                                    MD5:D8C1B81BBC125B6AD1F48A172181336E
                                                                                                                                                                                                    SHA1:3FF1D8DCEC04CE16E97E12263B9233FBF982340C
                                                                                                                                                                                                    SHA-256:925F05255F4AAE0997DC4EC94D900FD15950FD840685D5B8AA755427C7422B14
                                                                                                                                                                                                    SHA-512:CCC9F0D3ACA66729832F26BE12F8E7021834BBEE1F4A45DA9451B1AA5C2E63126C0031D223AF57CF71FAD2C85860782A56D78D8339B35720194DF139076E0772
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........a............................................V...................V......V......V......V......Rich....................PE..d.....,d.........." .........6......................................................N.....`.........................................@C..L....C..d....p.......`.......L.../...........3..T...........................p3..8............0.. ............................text...~........................... ..`.rdata.......0......................@..@.data........P.......8..............@....pdata.......`.......<..............@..@.rsrc........p.......@..............@..@.reloc...............J..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\_socket.pyd

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):79128
                                                                                                                                                                                                    Entropy (8bit):6.284790077237953
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:ZmtvsXhgzrojAs9/s+S+pGLypbyxk/DDTBVILLwX7SyiPx9:c56OzyAs9/sT+pGLypb+k/XFVILLwX4f
                                                                                                                                                                                                    MD5:819166054FEC07EFCD1062F13C2147EE
                                                                                                                                                                                                    SHA1:93868EBCD6E013FDA9CD96D8065A1D70A66A2A26
                                                                                                                                                                                                    SHA-256:E6DEB751039CD5424A139708475CE83F9C042D43E650765A716CB4A924B07E4F
                                                                                                                                                                                                    SHA-512:DA3A440C94CB99B8AF7D2BC8F8F0631AE9C112BD04BADF200EDBF7EA0C48D012843B4A9FB9F1E6D3A9674FD3D4EB6F0FA78FD1121FAD1F01F3B981028538B666
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~...:...:...:...3.i.<...h...8...h...6...h...2...h...9.......8...:.......q...=.......;.......;.......;.......;...Rich:...........PE..d.....,d.........." .....l...........%.......................................P............`.............................................P............0....... ..<......../...@..........T..............................8............................................text...fj.......l.................. ..`.rdata..Ts.......t...p..............@..@.data...............................@....pdata..<.... ......................@..@.rsrc........0......................@..@.reloc.......@......................@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\_ssl.pyd

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):160536
                                                                                                                                                                                                    Entropy (8bit):6.027748879187965
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3072:OwYiZ+PtocHnVXhLlasuvMETxoEBA+nbUtGnBSonJCNI5ILC7Gax1:FYk+PtocHVxx/uvPCEwhGJ
                                                                                                                                                                                                    MD5:7910FB2AF40E81BEE211182CFFEC0A06
                                                                                                                                                                                                    SHA1:251482ED44840B3C75426DD8E3280059D2CA06C6
                                                                                                                                                                                                    SHA-256:D2A7999E234E33828888AD455BAA6AB101D90323579ABC1095B8C42F0F723B6F
                                                                                                                                                                                                    SHA-512:BFE6506FEB27A592FE9CF1DB7D567D0D07F148EF1A2C969F1E4F7F29740C6BB8CCF946131E65FE5AA8EDE371686C272B0860BD4C0C223195AAA1A44F59301B27
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........C.-...-...-.....-...,...-...(...-...)...-.......-.W.,...-.R.,...-...,...-...,...-.W. ...-.W.-...-.W....-.W./...-.Rich..-.................PE..d.....,d.........." ................l*..............................................%.....`.............................................d...........`.......P.......D.../...p..8.......T...............................8............................................text...(........................... ..`.rdata..6...........................@..@.data....j.......f..................@....pdata.......P....... ..............@..@.rsrc........`.......,..............@..@.reloc..8....p.......6..............@..B................................................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\_strptime.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):15907
                                                                                                                                                                                                    Entropy (8bit):5.802556111574027
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:jiCwA5aGvhcInwHE8HsOBRmvAW2EEMNx9hzx5PtC7:ZJ5z5QE8HHBRmv1EMxhzPk
                                                                                                                                                                                                    MD5:16A53F037C6563917F5B6D68459DD104
                                                                                                                                                                                                    SHA1:A4EF043008FA7A52AEBD7042E1D83A886CAC9E18
                                                                                                                                                                                                    SHA-256:3772874AE98838F1CD53E762D958180E6A67D919B25ECED933055AAFC1DAA7F9
                                                                                                                                                                                                    SHA-512:6508540EC07DC0917E5A7245B3D5C18EDBC42890FC0AF8F75E77ECC32852DE62B2FA38B748349141B336E40422EC35340C756EBAAB4A1ABDB41DBE77D20633EB
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@........d.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z.m.Z...d.d.l.m.Z...g.Z.d.d...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.e...Z.e...a.d.Z.i.a.d.d...Z.d.d...Z.d.d.d...Z d.d.d...Z!d.d.d...Z"d.S.).....Strptime-related classes and functions...CLASSES:. LocaleTime -- Discovers and stores locale-specific time information. TimeRE -- Creates regexes for pattern matching a string of text containing. time information..FUNCTIONS:. _getlang -- Figure out what language is being used for the locale. strptime -- Calculates the time struct represented by the passed-in string.......N....compile....IGNORECASE....escape....date..timedelta..timezone....allocate_lockc....................C........t...t.j...S.).N....locale..getlocale..LC_TIME..r....r......_strptime.py.._getlang...........r....c....................@....@...e.Z.d.Z.d.Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.S.)...LocaleTime.k...Stores and han

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\_threading_local.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6523
                                                                                                                                                                                                    Entropy (8bit):5.297004545015491
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:W5s4IChC4/ew4oV6TD/Dh83cfAMftK5pUDMMwvAmB82AFwm3r9lUn40G:Wi4mNoIa3c4ITwIZ3rHUndG
                                                                                                                                                                                                    MD5:566A7B3A431F06EF7A13B818888AA3B2
                                                                                                                                                                                                    SHA1:297C74CAE5CBCB6FB16AA592DD10AE841DE9420D
                                                                                                                                                                                                    SHA-256:8E855D1AA8952CEC9D9BB0CA8C9951FEB3EF1616B3D830FAD1E3353D9A7BF837
                                                                                                                                                                                                    SHA-512:07315715C2D1CE693DDB256EF9071D5EF42B938465F2357E369ED950277117A8A8E5E4F63C9F116C4D1AE4BFB9810D06721F5790ED67440CC10AC14B0558E6C4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....^...d.Z.d.d.l.m.Z...d.d.l.m.Z...d.g.Z.G.d.d...d...Z.e.d.d.....Z.G.d.d...d...Z.d.d.l.m.Z.m.Z...d.S.)..(...Thread-local objects...(Note that this module provides a Python version of the threading.local. class. Depending on the version of Python you're using, there may be a. faster one available. You should always import the `local` class from. `threading`.)..Thread-local objects support the management of thread-local data..If you have data that you want to be local to a thread, simply create.a thread-local object and use its attributes:.. >>> mydata = local(). >>> mydata.number = 42. >>> mydata.number. 42..You can also access the local-object's dictionary:.. >>> mydata.__dict__. {'number': 42}. >>> mydata.__dict__.setdefault('widgets', []). []. >>> mydata.widgets. []..What's important about thread-local objects is that their data are.local to a thread. If we access the data in a different thread:.. >>> log = []. >>> def f():. ...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\argparse.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):63060
                                                                                                                                                                                                    Entropy (8bit):5.395710765053623
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:0pUD+QNFjLL8PelugD8kKNu9HuizYcV9NCksWEMeFFHB44C:0uNl8k5HuyrV9NCxsb
                                                                                                                                                                                                    MD5:78650773A499E91AB1E5E317E1D193FC
                                                                                                                                                                                                    SHA1:191CBE87829F30A08E6536F38B60C868DA11F42B
                                                                                                                                                                                                    SHA-256:9F9C6E5C225ABB38005EF447EFC61D9E99068054CC2D9051054C0FF241C1486A
                                                                                                                                                                                                    SHA-512:0975E552B6CCE07BE2E62B0466EE19C8EB32955FC108E2C6FB563D086945436F8D312E2805706FD1D7C4672030306D4F5023F25B3E50ECAF6573C5A814E9F6E2
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@........d.Z.d.Z.g.d...Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z.m.Z...d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.G.d.d...d.e...Z.d.d...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.d.d...Z.G.d.d...d.e...Z.G.d.d ..d e...Z.G.d!d"..d"e...Z.G.d#d$..d$e...Z G.d%d&..d&e...Z!G.d'd(..d(e...Z"G.d)d*..d*e"..Z#G.d+d,..d,e"..Z$G.d-d...d.e...Z%G.d/d0..d0e...Z&G.d1d2..d2e...Z'G.d3d4..d4e...Z(G.d5d6..d6e...Z)G.d7d8..d8e...Z*G.d9d:..d:e%..Z+G.d;d<..d<e...Z,G.d=d>..d>e...Z-G.d?d@..d@e...Z.G.dAdB..dBe...Z/G.dCdD..dDe/..Z0G.dEdF..dFe.e...Z1d.S.)G.....Command-line parsing library..This module is an optparse-inspired command-line parsing library that:.. - handles both optional and positional arguments. - produces highly informative usage messages. - supports parsers that dispatch to sub-parsers..The following is a simple usage example that sums integers from the.command-line and writes the result to a file::.. parser = argparse.ArgumentParser

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\ast.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):55749
                                                                                                                                                                                                    Entropy (8bit):5.342440613876116
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:V4+GlgD7UGQCeB6LFmp2aws7yqDuK4071l:V4WBF7hs7yqDuK/z
                                                                                                                                                                                                    MD5:9277296D36CC42B0A1B8C74E73B1FB92
                                                                                                                                                                                                    SHA1:221F04F80BB3BC57BFCA1395A7CA342B3272A0B2
                                                                                                                                                                                                    SHA-256:5A775817342B9FDA697DE79F66A814A6B5C0A5F8318B07ECC4A2B62F0F93739A
                                                                                                                                                                                                    SHA-512:3FBECB7D557E4D9CB438B3514B301FFE791C06820EE99AD8D73CAFA61788DB640B2CA974BE4BAFDCD8889287483DFB1DD652E01CE938739C541032B74DA998ED
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@........d.Z.d.d.l.Z.d.d.l.T.d.d.l.m.Z.m.Z...d.d.l.m.Z.m.Z...d`d.d.d...d.d...Z.d.d...Z.dad.d...d.d...Z.d.d...Z.d.d...Z.dbd.d...Z.d.d...Z.d.d...Z.dcd.d...Z.d.d ..Z.d!d"..Z.d.d#..d$d%..Z.d&d'..Z.G.d(d)..d)e...Z.G.d*d+..d+e...Z.e.e.d,..s.d-d...Z.d/d0..Z.e.e.e...e._.e.e.e...e._.G.d1d2..d2e ..Z!d3d4..Z"G.d5d6..d6e.e!d7..Z#G.d8d9..d9e.e!d7..Z$G.d:d;..d;e.e!d7..Z%G.d<d=..d=e.e!d7..Z&G.d>d?..d?e.e!d7..Z'e#e(e)e*f.e$e+f.e%e,f.e&e d...e-f.e'e d@..f.i.Z.e#e-f.i.Z/e-d=e d...d=e(d6e)d6e*d6e+d9e,d;e d@..d?i.Z0G.dAdB..dBe1..Z2G.dCdD..dDe2..Z3G.dEdF..dFe2..Z4e.e5dG....s"dHdI..Z6dJdK..Z7e.e6e7..e5_8G.dLdM..dMe9..Z:G.dNdO..dOe;..Z<G.dPdQ..dQe;..Z=G.dRdS..dSe;..Z>dTe?e.j@jAd.......ZBG.dUdV..dVe...ZCdWZDdXZEg.eD..eE..R.ZFG.dYdZ..dZe...ZGd[d\..ZHd]d^..ZIeJd_k...ryeI....d.S.d.S.)d.H.... ast. ~~~.. The `ast` module helps Python applications to process trees of the Python. abstract syntax grammar. The abstract syntax itself might change with. each Python re

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\base64.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):17110
                                                                                                                                                                                                    Entropy (8bit):5.524272634297277
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:QxayMwXlrYhA1T1cRX6KbWJ5uKLudrIgV3:c3MwlGWIX1b+OrIgV3
                                                                                                                                                                                                    MD5:1964FC5D3CD98FABDD626DEDF4760ECE
                                                                                                                                                                                                    SHA1:C6CD18D61F79C04E11D33D5CC4425A8937B5E8BA
                                                                                                                                                                                                    SHA-256:ACB6F9EC7B6737B931E17EE1A85FE44FB28239CFF6A63ADCCAE8B78CF21C79A0
                                                                                                                                                                                                    SHA-512:188C5DB00EADF61106A368B8B15C777C67FF25D40DD26939A2928D07C3500127DBA3E6BCF70A256A2F239DF67192D8FED7F22F3507EF2DCEB6710ECAF2A7CE86
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@........d.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.g.d...Z.e.e.f.Z.d.d...Z.dQd.d...Z.dRd.d...Z.d.d...Z.d.d...Z.e...d.d...Z.e...d.d...Z.d.d...Z.d.d...Z.d.Z.d.Z.d.Z.d.Z.d.Z.i.a.i.a.d.d...Z.dSd.d...Z.d.d...Z.e.j.d d!..e._.dSd"d#..Z.e.j.d e.d$..e._.d%d&..Z.e.j.d'd!..e._.dTd(d)..Z.e.j.d'd*d$..e._.d+d,..Z dTd-d...Z!d.a"d.a#d/Z$d0Z%dUd1d2..Z&d.d.d.d.d3..d4d5..Z'd.d.d6d7..d8d9..Z(d:Z)d.a*d.a+d.a,dTd;d<..Z-d=d>..Z.d?Z/e/d@..dA..Z0dBdC..Z1dDdE..Z2dFdG..Z3dHdI..Z4dJdK..Z5dLdM..Z6dNdO..Z7e8dPk.r.e6....d.S.d.S.)V.DBase16, Base32, Base64 (RFC 3548), Base85 and Ascii85 data encodings.....N....encode..decode..encodebytes..decodebytes..b64encode..b64decode..b32encode..b32decode..b32hexencode..b32hexdecode..b16encode..b16decode..b85encode..b85decode..a85encode..a85decode..standard_b64encode..standard_b64decode..urlsafe_b64encode..urlsafe_b64decodec....................C....l...t.|.t...r.z.|...d...W.S...t.y.......t.d.....w.t.|.t...r.|.S.z.t.|.......W.S...t.y5......t.d.|.j.j.....d...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\base_library.zip

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:Zip archive data, at least v2.0 to extract, compression method=store
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):880569
                                                                                                                                                                                                    Entropy (8bit):5.682980440617897
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:12288:lgYJu4KXWyBC6S4IEa8A4a2Ya2xdOVwx/fpEh+rtSLMNA:lgYJiVBFLa2xTVwx/fpEh++MNA
                                                                                                                                                                                                    MD5:3AE8624C9C1224F10A3135A7039C951F
                                                                                                                                                                                                    SHA1:08C18204E598708BA5EA59E928EF80CA4485B592
                                                                                                                                                                                                    SHA-256:64DFC4067A99C71094B4A9AA8E50344E7D42EA9A0D376CBCD419C04E53384285
                                                                                                                                                                                                    SHA-512:C47EA6B8E004C27FA29E84F6363F97E775C83A239EB3AE75DEDCA79E69DB02B431A586877EE8F948F83B522B00C20E6B1D5864628C2AEF9E33E0BE95FE6E3254
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:PK..........!..^".5...5......._collections_abc.pyco....................................@.......d.Z.d.d.l.m.Z.m.Z...d.d.l.Z.e.e.e.....Z.e.d...Z.d.d...Z.e.e...Z.[.g.d...Z.d.Z.e.e.d.....Z.e.e.e.......Z.e.e.i.........Z.e.e.i.........Z.e.e.i.........Z.e.e.g.....Z.e.e.e.g.......Z.e.e.e.d.......Z.e.e.e.d.d.>.......Z.e.e.e.......Z.e.e.d.....Z e.e.d.....Z!e.e.e"......Z#e.i.......Z$e.i.......Z%e.i.......Z&e.e.j'..Z(e.d.d.......Z)d.d...Z*e*..Z*e.e*..Z+e*.,....[*d.d...Z-e-..Z-e.e-..Z.[-d.d...Z/G.d.d...d.e.d...Z0G.d.d...d.e.d...Z1G.d.d...d.e1..Z2e2.3e+....G.d.d...d.e.d...Z4G.d.d ..d e4..Z5G.d!d"..d"e5..Z6e6.3e.....G.d#d$..d$e.d...Z7G.d%d&..d&e7..Z8e8.3e.....e8.3e.....e8.3e.....e8.3e.....e8.3e.....e8.3e.....e8.3e.....e8.3e.....e8.3e.....e8.3e.....e8.3e ....e8.3e!....e8.3e#....G.d'd(..d(e7..Z9G.d)d*..d*e8..Z:e:.3e)....G.d+d,..d,e.d...Z;G.d-d...d.e.d...Z<G.d/d0..d0e;e7e<..Z=G.d1d2..d2e...Z>d3d4..Z?d5d6..Z@d7d8..ZAG.d9d:..d:e.d...ZBG.d;d<..d<e=..ZCeC.3eD....G.d=d>..d>eC..ZEeE.3e.....G.d?d@..d@e=..ZFeF

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\bisect.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2568
                                                                                                                                                                                                    Entropy (8bit):5.1890804101228385
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:gfhwHaPJ7Bn7V39r0OCl7VU30bEBn7B3OeuUnCRl7VC3/TZV:8h7Bx39AOC030QB93OeHCRi3VV
                                                                                                                                                                                                    MD5:8283A0EA0D93E6D1BF69F545849E25DE
                                                                                                                                                                                                    SHA1:85C990B55755104828841378539466EF3419563E
                                                                                                                                                                                                    SHA-256:79504CF8F8E2A8F807BD292472C04FA3805CBEA43EC33E8A049711B972BFF313
                                                                                                                                                                                                    SHA-512:E72D3A95FC3C2885AE8C9DD8D9E8ACE0C975A2110BCECFC60C12348D41DFB6B2B164C414FC3F7BFDAE0E981F4009EB49B9F6858AFAD524A4876BC41EDAC6D6A3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....p...d.Z.d.d.d...d.d...Z.d.d.d...d.d...Z.d.d.d...d.d...Z.d.d.d...d.d...Z.z.d.d.l.T.W.n...e.y1......Y.n.w.e.Z.e.Z.d.S.)...Bisection algorithms......N....keyc....................C....>...|.d.u.r.t.|.|.|.|...}.n.t.|.|.|...|.|.|.d...}.|...|.|.....d.S.)...Insert item x in list a, and keep it sorted assuming a is sorted... If x is already in a, insert it to the right of the rightmost x... Optional args lo (default 0) and hi (default len(a)) bound the. slice of a to be searched.. Nr........bisect_right..insert....a..x..lo..hir......r......bisect.py..insort_right.................r....c....................C.......|.d.k.r.t.d.....|.d.u.r.t.|...}.|.d.u.r1|.|.k.r/|.|...d...}.|.|.|...k.r'|.}.n.|.d...}.|.|.k.s.|.S.|.|.k.rN|.|...d...}.|.|.|.|.....k.rF|.}.n.|.d...}.|.|.k.s5|.S.).....Return the index where to insert item x in list a, assuming a is sorted... The return value i is such that all e in a[:i] have e <= x, and all e in. a[i:] have e

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\brotli.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1493
                                                                                                                                                                                                    Entropy (8bit):5.314098095660373
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:gHYNJ2IC+q0z3aPm3rgJsS6WY+VBONjiiVwGajNserHwk6f8qtVT2iGDk860Hm:gH+9Ch0pgP6WY++ixjNAk6EqtVTPGlG
                                                                                                                                                                                                    MD5:645249CA25C7D51736BE8E827A558652
                                                                                                                                                                                                    SHA1:BB8D4E12B125966715EB6C302D4B4A60F04BCE64
                                                                                                                                                                                                    SHA-256:0F091CC03E165E408134F3A20CF77FA13C683BE503A55C2651040480C186D534
                                                                                                                                                                                                    SHA-512:158B3E5DE25C0F87F4BD21163919C1A9553C7B58F301B5C8E1B40F54431C91E5185407EE85D6873EA196DFE1F1BE473520A7B9EEF2E135B69A6A82DB41ABF709
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....V...d.Z.d.d.l.Z.e.j...Z.Z.e.j.Z.e.j.Z.e.j.Z.e.j.Z.e.j.Z.e.d.d.d.f.d.d...Z.e.j.Z.e.j.Z.d.S.)..CFunctions to compress and decompress data using the Brotli library......N..........c....................C...."...t.|.|.|.|.d...}.|...|...|.......S.)..a...Compress a byte string... Args:. string (bytes): The input data.. mode (int, optional): The compression mode can be MODE_GENERIC (default),. MODE_TEXT (for UTF-8 format text input) or MODE_FONT (for WOFF 2.0).. quality (int, optional): Controls the compression-speed vs compression-. density tradeoff. The higher the quality, the slower the compression.. Range is 0 to 11. Defaults to 11.. lgwin (int, optional): Base 2 logarithm of the sliding window size. Range. is 10 to 24. Defaults to 22.. lgblock (int, optional): Base 2 logarithm of the maximum input block size.. Range is 16 to 24. If set to 0, the value will be set based on the. q

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\bz2.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):10850
                                                                                                                                                                                                    Entropy (8bit):5.284896366892046
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:eURZ9KATZ38E9/5v7iv25L9Dz+zJ74k17vVfuxwmTy+6GY8hABFFUATxtStyCcQA:BP6Eb22dRCzZlvVowmTVABpbS6t+2
                                                                                                                                                                                                    MD5:6742F99C98780ADE923EBBF36EB9AB92
                                                                                                                                                                                                    SHA1:0DC7CA9351C2DC6E2B42495D506BB7FF4CB381EA
                                                                                                                                                                                                    SHA-256:14340CB02529EBF0D8EE34D0600CB9C8BB054D97D248565A6CD362A55FCA1C5D
                                                                                                                                                                                                    SHA-512:4E9FBAE2F6B1CE56BAE910A9A5A55DDA586B5BD2F4A6ABBE61664B8BB5ACE5AFC73622E615496BB306664E6837F90380824294EA4504EA1770E0B7405AF887B6
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@.......d.Z.g.d...Z.d.Z.d.d.l.m.Z...d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z.m.Z...d.Z.d.Z.d.Z.G.d.d...d.e.j...Z.....d.d.d...Z.d.d.d...Z.d.d...Z.d.S.)...Interface to the libbzip2 compression library...This module provides a file interface, classes for incremental.(de)compression, and functions for one-shot (de)compression......BZ2File..BZ2Compressor..BZ2Decompressor..open..compress..decompress.%Nadeem Vawda <nadeem.vawda@gmail.com>.......r....N..r....r..............c....................@.......e.Z.d.Z.d.Z.d*d.d...d.d...Z.d.d...Z.e.d.d.....Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d+d.d...Z.d,d.d...Z.d,d.d...Z.d.d...Z.d,d.d...Z.d,d.d ..Z.d!d"..Z.d#d$..Z.e.j.f.d%d&..Z.d'd(..Z.d)S.)-r.....@...A file object providing transparent bzip2 (de)compression... A BZ2File can act as a wrapper for an existing file object, or refer. directly to a named file on disk... Note that BZ2File provides a *binary* file interface - data read is. returned as bytes, and data t

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\calendar.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):26227
                                                                                                                                                                                                    Entropy (8bit):5.273500257644362
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:r9ZsjX1NmHeR3PgF94uDxilyQOjjmzsSLA14xnoMEcHW8t9s/I5VZJsbKP7:rCNeKu4uDxilyBjmxOcoMEcH2XKP7
                                                                                                                                                                                                    MD5:9F293014C1B9136415D112FF3B3FA5D3
                                                                                                                                                                                                    SHA1:CB285F3575D9DA3A19A3275DFA3E71839345A2F4
                                                                                                                                                                                                    SHA-256:4819BC122521D85FD73D2D877292D97A95050B0B44541F5195FF322AA61840DB
                                                                                                                                                                                                    SHA-512:B940F710677D97A01BEE6A0FF074A3F67F09E3A22F989EC53B7721D74B6641A620EAC6005859897CCA356C02F4A7DAA586C6159F9654C2D4AC26A2A4E31C0CC9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@........d.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...g.d...Z.e.Z.G.d.d...d.e...Z.G.d.d...d.e...Z.d.Z.d.Z.g.d...Z.G.d.d...d...Z.G.d.d...d...Z.e.d...Z.e.d...Z.e.d...Z.e.d...Z.e.d...\.Z.Z.Z.Z.Z.Z.Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z d.d...Z!d.d ..Z"d!d"..Z#G.d#d$..d$e$..Z%G.d%d&..d&e%..Z&G.d'd(..d(e%..Z'G.d)d*..d*..Z(G.d+d,..d,e&..Z)G.d-d...d.e'..Z*e&..Z+e+j,Z-d/d0..Z.e+j/Z0e+j1Z1e+j2Z3e+j4Z5e+j6Z6e+j7Z8e+j9Z:e+j;Z<d1Z=d2Z>e=e>f.d3d4..Z?e=e>f.d5d6..Z@d7ZAe..BeAd.d....C..ZDd8d9..ZEd:d;..ZFeGd<k.r.eFe.jH....d.S.d.S.)=.$...Calendar printing functions..Note when comparing these calendars to the ones printed by cal(1): By.default, these calendars have Monday as the first day of the week, and.Sunday as the last (the European convention). Use setfirstweekday() to.set the first day of the week (0=Monday, 6=Sunday)......N....repeat....IllegalMonthError..IllegalWeekdayError..setfirstweekday..firstweekday..isleap..leapdays..weekday..monthrange..monthcalendar..prmonth..m

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\certifi\__init__.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):225
                                                                                                                                                                                                    Entropy (8bit):4.590851707868208
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:gexsZvEG/XgcdLTC2Q/22Q//N6/lqNS4G:geeeGBPQJQ3N68NS7
                                                                                                                                                                                                    MD5:256FF684929D966CB6C44D7E7D852F05
                                                                                                                                                                                                    SHA1:D8F7E6238AE75E8E237A27E5522BCB6465EA2378
                                                                                                                                                                                                    SHA-256:731E0D0464BC7CE534C36A6C36B673BE346414D87010A610D7462D525A57D72A
                                                                                                                                                                                                    SHA-512:FB3091876FB8A3B51F673C3F71BEB51584BBBEE02D4683D6E7C4698FBFB227FB4069BAA4DB4E20B50FDE674787DE9B64BFFE55F84A6E2328301524876F93266A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@.... ...d.d.l.m.Z.m.Z...d.d.g.Z.d.Z.d.S.)..........contents..wherer....r......2024.08.30N....corer....r......__all__..__version__..r....r....z.certifi\__init__.py..<module>...............

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\certifi\cacert.pem

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):299427
                                                                                                                                                                                                    Entropy (8bit):6.047872935262006
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6144:QW1x/M8fRR1jplkXURrVADwYCuCigT/QRSRqNb7d8iu5Nahx:QWb/TRJLWURrI5RWavdF08/
                                                                                                                                                                                                    MD5:50EA156B773E8803F6C1FE712F746CBA
                                                                                                                                                                                                    SHA1:2C68212E96605210EDDF740291862BDF59398AEF
                                                                                                                                                                                                    SHA-256:94EDEB66E91774FCAE93A05650914E29096259A5C7E871A1F65D461AB5201B47
                                                                                                                                                                                                    SHA-512:01ED2E7177A99E6CB3FBEF815321B6FA036AD14A3F93499F2CB5B0DAE5B713FD2E6955AA05F6BDA11D80E9E0275040005E5B7D616959B28EFC62ABB43A3238F0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:.# Issuer: CN=GlobalSign Root CA O=GlobalSign nv-sa OU=Root CA.# Subject: CN=GlobalSign Root CA O=GlobalSign nv-sa OU=Root CA.# Label: "GlobalSign Root CA".# Serial: 4835703278459707669005204.# MD5 Fingerprint: 3e:45:52:15:09:51:92:e1:b7:5d:37:9f:b1:87:29:8a.# SHA1 Fingerprint: b1:bc:96:8b:d4:f4:9d:62:2a:a8:9a:81:f2:15:01:52:a4:1d:82:9c.# SHA256 Fingerprint: eb:d4:10:40:e4:bb:3e:c7:42:c9:e3:81:d3:1e:f2:a4:1a:48:b6:68:5c:96:e7:ce:f3:c1:df:6c:d4:33:1c:99.-----BEGIN CERTIFICATE-----.MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG.A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv.b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw.MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i.YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT.aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ.jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp.xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\certifi\core.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2100
                                                                                                                                                                                                    Entropy (8bit):4.875601670596195
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:gq5BUoxmgDZLaSLlEZxF81g69ehWFCtCewnGJ:dfUC/cZx6aIeGPGJ
                                                                                                                                                                                                    MD5:574D9B80C511D453E76F7A1500C00989
                                                                                                                                                                                                    SHA1:BD211E262A0AB19453D7E2A58DEF1D6C021CEE36
                                                                                                                                                                                                    SHA-256:D3CE6589F2DC0626B706B196A53F205B56056CEE55463D6FF1DABC7E300185F1
                                                                                                                                                                                                    SHA-512:3F6FB0ADC3A7920B4CE1F9B094DADE0CAB529B2DC8BD0BC58715FD5C49D3AB145C1AFF341917D76FA7130D3FDEDF8ED33F307F1CE823CE7F22DDB87466C42A20
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@........d.Z.d.d.l.Z.d.d.l.Z.d.d.d...Z.e.j.d.k.r0d.d.l.m.Z.m.Z...d.a.d.a.d.e.f.d.d...Z.d.e.f.d.d...Z.d.S.e.j.d.k.rQd.d.l.m.Z.m.Z...d.a.d.a.d.e.f.d.d...Z.d.e.f.d.d...Z.d.S.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...e.e.j.e.f...Z.e.e.d.f...Z.....d.d.e.d.e.d.e.d.e.d.e.f.d.d...Z.d.e.f.d.d...Z.d.e.f.d.d...Z.d.S.)..e.certifi.py.~~~~~~~~~~..This module returns the installation location of cacert.pem or its contents.......N..returnc....................C........t...d.d.d.....d.S.).N...._CACERT_CTX..__exit__..r....r......certifi\core.py..exit_cacert_ctx...........r....................as_file..filesc....................C....4...t.d.u.r.t.t.d.....d.....a.t.t.......a.t...t.....t.S.).N..certifi..cacert.pem...._CACERT_PATHr....r......joinpathr......str..__enter__..atexit..registerr....r....r....r....r......where...................r....c....................C........t.d.....d...j.d.d...S.).Nr....r......ascii....encoding..r....r......read_textr....r....r....r......contents.........

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\charset_normalizer\__init__.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1521
                                                                                                                                                                                                    Entropy (8bit):5.675472519363452
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:gAV4U0b8ybWPxg+QQMzy/ClB3N/PLo3bIB3Nvh4VMhGlXwu+H2C/ZC/BgYfUy:go4jbqjQtyat/c2vhCMhju/C/o/6YfUy
                                                                                                                                                                                                    MD5:9B3F6D9382897CA9275CBD21112111DC
                                                                                                                                                                                                    SHA1:E87E6C8311BCFE63198A5A60A1EE4B499569D6DA
                                                                                                                                                                                                    SHA-256:BE018CCD65BD8B3D4F2561A42A5D780E3B9D3D5DD5917AD95911D5892B37B5AE
                                                                                                                                                                                                    SHA-512:E988B9B99E52721DA1B46E0DD9232B0BA79EE2DF249E26755D50800286F1C3D03CB4EEF4AD519352DBFC29C47AD15C7F74832B598ED55FD54DCF485463A976CB
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....x...d.Z.d.d.l.Z.d.d.l.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z...d.Z.e...d.....e.........d.S.).......Charset-Normalizer.~~~~~~~~~~~~~~.The Real First Universal Charset Detector..A library that helps you read text from an unknown charset encoding..Motivated by chardet, This package is trying to resolve the issue by taking a new approach..All IANA character set names for which the Python core library provides codecs are supported...Basic usage:. >>> from charset_normalizer import from_bytes. >>> results = from_bytes('B.... ..... ... ..... .. ............ O............!'.encode('utf_8')). >>> best_guess = results.best(). >>> str(best_guess). 'B.... ..... ... ..... .. ............ O............!'..Others methods and usages are available - see the full documentation.at <https://github.com/Ousret/charset_normalizer>..:copyright

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\charset_normalizer\api.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):11648
                                                                                                                                                                                                    Entropy (8bit):5.852461555091965
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:XWeJLv8V6fy4TM8eIGOD5vUD3MHz9ZZER6gJzasTZyZPF8oxA0zIfAgHSKNJCA:XWeJLvc0TM8N630ZZaFzas9WBxA0sfA4
                                                                                                                                                                                                    MD5:90DEE46904EBA1AFDB40A6F0E221FA21
                                                                                                                                                                                                    SHA1:C8D1A153D01D2610792D6D0E01A4A764C01570F3
                                                                                                                                                                                                    SHA-256:21B89DA7C1BD1AE06E6533D82AF62FC9B36FAD81D325FEE4A9049348302874FB
                                                                                                                                                                                                    SHA-512:243F484B60655957DFD20F5B9DFE14AEE6042BD36CE72078E49A98B81E8A49CE94190A797CC70292D3E8AA6CEDC5CD98ECE94D146B62C0BAF43F55569C0CE818
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....L...d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z...e.. d...Z!e.."..Z#e#.$e..%d.........................d(d.e.e&e'f...d.e(d.e(d.e)d.e.e.e*....d.e.e.e*....d.e+d.e+d.e)d.e+d.e.f.d.d...Z,..................d(d.e.d.e(d.e(d.e)d.e.e.e*....d.e.e.e*....d.e+d.e+d.e)d.e+d.e.f.d d!..Z-..................d(d"e.e*e&e.f...d.e(d.e(d.e)d.e.e.e*....d.e.e.e*....d.e+d.e+d.e)d.e+d.e.f.d#d$..Z...................d)d%e.e.e*e.e&f...d.e(d.e(d.e)d.e.e.e*....d.e.e.e*....d.e+d.e+d.e)d.e+d.e+f.d&d'..Z/d.S.)*.....N....PathLike....BinaryIO..List..Optional..Set..Union.........coherence_ratio..encoding_languages..mb_encoding_languages..merge_coherence_ratios....IANA_SUPPORTED..TOO_BIG_SEQUENCE..TOO_SMALL_SEQUENCE..TRACE....mess_ratio....CharsetMatch..CharsetMatches....any_specified_encoding..cut_sequence_chunks..iana_name..identify_sig_or_bom..is_cp_similar..is_multi_b

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\charset_normalizer\cd.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9597
                                                                                                                                                                                                    Entropy (8bit):5.544858614968908
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:ozqRXboHRH+tBqz+mspqUuOKMpPc7Gsvo+JORJtTatBAg/mZ6TpC:oe9S+nmySOKGPc7Gsvo+JORJQ7AgOAtC
                                                                                                                                                                                                    MD5:18F7604974BD2F1105CDE21524357515
                                                                                                                                                                                                    SHA1:B33BF30E83B5D2D931821B981A5A01742935D9F4
                                                                                                                                                                                                    SHA-256:95C64CE9DE92FD32555C8E23180FAF6357CA889827924DCF9BC2F7469D311A06
                                                                                                                                                                                                    SHA-512:FE9EA0D4A6E5D62E222AA25C033354B3C263CCCD19625A370A5CB45A8D12C1F376859B07F8ED8AEE13EB926FE22ABEE41D6496F4FCCD96D6D19FB830C641040E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@........d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z.m.Z...d.e.d.e.e...f.d.d...Z.d.e.d.e.e...f.d.d...Z.e...d.e.d.e.e...f.d.d.....Z e...d.e.d.e.e...f.d.d.....Z!e.e.d...d.e.d.e.e"e"f...f.d.d.....Z#..d0d.e.e...d.e"d.e.e...f.d.d...Z$d.e.d.e.e...d.e%f.d d!..Z&d"e.d.e.e...f.d#d$..Z'd%e.e...d.e.f.d&d'..Z(d%e.d.e.f.d(d)..Z)e.d*d.....d1d"e.d,e%d-e.e...d.e.f.d.d/....Z*d.S.)2.....N....IncrementalDecoder....Counter....lru_cache..r......Dict..List..Optional..Tuple.........FREQUENCIES..KO_NAMES..LANGUAGE_SUPPORTED_COUNT..TOO_SMALL_SEQUENCE..ZH_NAMES... is_suspiciously_successive_range....CoherenceMatches....is_accentuated..is_latin..is_multi_byte_encoding..is_unicode_range_secondary..unicode_range..iana_name..returnc............................t.|...r.t.d.....t...d...|.....j.}.|.d.d...}.i...d...t.d.d...D.]/}.|...t.|.g.....}.|.rNt.|...}.|.d.u.r4q.t.|...d.u.rN|...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\charset_normalizer\constant.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):30393
                                                                                                                                                                                                    Entropy (8bit):5.9803133241204
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:XvZKN0taqbKcwWiSqCDEOuV6OWNwFP1SoLsyXAp2dcrr+LlR//fkqapWYnXZGrou:XvZ6EKcRiSH4ORRO/RLv0draZZ9cxok4
                                                                                                                                                                                                    MD5:7FAD4D654E3F7A55F78CEA4571802AC7
                                                                                                                                                                                                    SHA1:5EF32ACD6E512F8398F9194DED50A776FE181EF7
                                                                                                                                                                                                    SHA-256:31A1BD5ED4A42DC09F78A7F051321CB29FEB8D2B5D80FED5298CEBCEA54E0056
                                                                                                                                                                                                    SHA-512:472FF663429942EB425D0394215659470F344FBE2C6340246255EDC4178811C54103413D208A6075E9EC24CA7F864B73D793CBB0D1DC7BCAD27B1F0A0006BEDF
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....~...U.d.d.l.m.Z.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z...e.g.d...d.e.e.g.e.e.g.d...Z.e.e.e.e.e.e...f...f...e.d.<.d.Z.e.e.d.<.e.d...Z.e.e.d.<.d.Z.e.e.d.<.i.d.e.d.....d.e.d.d.....d.e.d.d.....d.e.d.d.....d.e.d.d.....d.e.d.d.....d.e.d.d.....d.e.d.d.....d.e.d.d.....d e.d.d!....d"e.d!d#....d$e.d#d%....d&e.d%d'....d(e.d'd)....d*e.d)d+....d,e.d+d-....d.e.d-d/....i.d0e.d/d1....d2e.d1d3....d4e.d3d5....d6e.d5d7....d8e.d7d9....d:e.d9d;....d<e.d;d=....d>e.d=d?....d@e.d?dA....dBe.dAdC....dDe.dCdE....dFe.dEdG....dHe.dGdI....dJe.dIdK....dLe.dKdM....dNe.dMdO....dPe.dOdQ......i.dRe.dQdS....dTe.dSdU....dVe.dUdW....dXe.dWdY....dZe.dYd[....d\e.d[d]....d^e.d]d_....d`e.d_da....dbe.dadc....dde.dcde....dfe.dedg....dhe.dgdi....dje.didk....dle.dkdm....dne.dmdo....dpe.dodq....dre.dqds......i.dte.dsdu....dve.dudw....dxe.dwdy....dze.dyd{....d|e.d{d}....d~e.d}d.....d.e.d.d.....d.e.d.d.....d.e.d.d.....d.e.d.d.....d.e.d.d.....d.e.d.d.....d.e.d.d...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\charset_normalizer\legacy.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):2126
                                                                                                                                                                                                    Entropy (8bit):5.4711551179822
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:ggSnE81Pny81wYbebSh3Ue75yubxKp4/hXqI+:fG1Py8eYbebSyo5ycFxqD
                                                                                                                                                                                                    MD5:907E8CC1A5B538D59068A9EC12890B61
                                                                                                                                                                                                    SHA1:DC1EF73299589C136B6BEDC739424E331DA56F32
                                                                                                                                                                                                    SHA-256:30B739980333F3980546AB66AB046C094D48E9DCEDFECA2EF3DA6D3E76EFB041
                                                                                                                                                                                                    SHA-512:09A674FF746B61CEE8E91CB7DFA40418B57B9FA91653B37D27E43EB4EF39F8E7608D2F8FE566C4D35A8AF3C7340D9B05B1813377E9D481FBAA826E8360BF2BEC
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....v...d.d.l.m.Z...d.d.l.m.Z.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...e.r2d.d.l.m.Z...G.d.d...d.e...Z...d.d.d.d...Z.d.S.)..........annotations....TYPE_CHECKING..Any..Optional....warn.........from_bytes....CHARDET_CORRESPONDENCE....TypedDictc....................@....&...e.Z.d.Z.U.d.e.d.<.d.e.d.<.d.e.d.<.d.S.)...ResultDict..Optional[str]..encoding..str..language..Optional[float]..confidenceN....__name__..__module__..__qualname__..__annotations__..r....r......charset_normalizer\legacy.pyr.....................r....F..byte_str..bytes..should_rename_legacy..bool..kwargsr......returnc....................K........t.|...r.t.d.d...t.|...........d.......t.|.t.t.f...s#t.d...t.|.........t.|.t...r,t.|...}.t.|.......}.|.d.u.r9|.j.n.d.}.|.d.u.rG|.j.d.k.rG|.j.n.d.}.|.d.u.rRd.|.j...n.d.}.|.d.u.rc|.d.k.rc|.j.rc|.d.7.}.|.d.u.ro|.t.v.rot.|...}.|.|.|.d...S.)..J.... chardet legacy method. Detect the encoding of the given byte string. It should be mostly backw

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\charset_normalizer\md.cp310-win_amd64.pyd

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):10752
                                                                                                                                                                                                    Entropy (8bit):4.82516630102953
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:700fK74ACb0xx2uKynu10YLsgxwJiUNiL0U5IZsJFPGDtCFOCQAASmHcX6g8H4ao:QFCk2z1/t12iwU5usJFqCyVcqgg
                                                                                                                                                                                                    MD5:F4F7F634791F26FC62973350D5F89D9A
                                                                                                                                                                                                    SHA1:6BE643BD21C74ED055B5A1B939B1F64B055D4673
                                                                                                                                                                                                    SHA-256:45A043C4B7C6556F2ACFC827F2FF379365088C3479E8EE80C7F0A2CEB858DCC6
                                                                                                                                                                                                    SHA-512:4325807865A76427D05039A2922F853287D420BCEBDA81F63A95BF58502E7DA0489060C4B6F6FFD65AA294E1E1C1F64560ADD5F024355922103C88B2CF1FD79B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$....................X...................................^............................4...........Rich....................PE..d...c#.g.........." ...).....................................................p............`..........................................'..p...`(..d....P.......@...............`..,...`#.............................. "..@............ ...............................text............................... ..`.rdata....... ......................@..@.data........0......."..............@....pdata.......@.......$..............@..@.rsrc........P.......&..............@..@.reloc..,....`.......(..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\charset_normalizer\md__mypyc.cp310-win_amd64.pyd

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):122368
                                                                                                                                                                                                    Entropy (8bit):5.903697891709302
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:5ewkbk74PoxchHGTm/SCtg5MbfFPjPNoSLn2dkp2A/2pQKP:5endPox6HGTOLtg6bfFhDLkkCpQK
                                                                                                                                                                                                    MD5:47EE4516407B6DE6593A4996C3AE35E0
                                                                                                                                                                                                    SHA1:293224606B31E45B10FB67E997420844AE3FE904
                                                                                                                                                                                                    SHA-256:F646C3B72B5E7C085A66B4844B5AD7A9A4511D61B2D74153479B32C7AE0B1A4C
                                                                                                                                                                                                    SHA-512:EFA245C6DB2AEE2D9DB7F99E33339420E54F371A17AF0CF7694DAF51D45AEBFBAC91FC52DDB7C53E9FC73B43C67D8D0A2CAA15104318E392C8987A0DAD647B81
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........VyR.7...7...7...O...7.......7...O...7.......7.......7.......7..JB...7...7..b7......7......7......7......7..Rich.7..........PE..d...b#.g.........." ...).6...........7.......................................0............`......................................... ...d.................................... ......@...................................@............P...............................text...(4.......6.................. ..`.rdata...Y...P...Z...:..............@..@.data....=.......0..................@....pdata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\charset_normalizer\models.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):11963
                                                                                                                                                                                                    Entropy (8bit):5.232135678893072
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:Rj8lTF3s0UVo82H7ADp8AvOv4ARWouIfxrftLdwHYHC7XiyRh+O2uZ5DrpVx2K9/:RiTF80UVo82H7ADOAvO4ARWouIfxjtL8
                                                                                                                                                                                                    MD5:E81FA915ED4D6CAA728EC1C3052759AD
                                                                                                                                                                                                    SHA1:21D3F620F2C13B0D00B02E4CAE5E1A3926AC05F8
                                                                                                                                                                                                    SHA-256:9DCA7D56E8DCF92CC7E563B30C437FF162C352CE9B5D58B7EA8591A317340596
                                                                                                                                                                                                    SHA-512:F01B337E1E4434F63B97885823F650546C4A3298C760AF03D0373704A28C9CF3B8AD62BF6A3EA48D2598805FF62D0832374CC7F5B85CCD4AC3AF5E8D133E27A9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@.......d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z.m.Z...d.d.l.m.Z.m.Z.m.Z...G.d.d...d...Z.G.d.d...d...Z.e.e.e.f...Z.e.e...Z.G.d.d...d...Z.d.S.)..........aliases....sha256....dumps....sub....Any..Dict..Iterator..List..Optional..Tuple..Union.........RE_POSSIBLE_ENCODING_INDICATION..TOO_BIG_SEQUENCE....iana_name..is_multi_byte_encoding..unicode_rangec....................@........e.Z.d.Z.....d>d.e.d.e.d.e.d.e.d.d.d.e.e...d.e.e...f.d.d...Z.d.e.d.e.f.d.d...Z.d.e.d.e.f.d.d...Z.e.d.e.f.d.d.....Z.d.e.f.d.d...Z.d.e.f.d.d...Z.d?d.d...Z.e.d.e.f.d.d.....Z.e.d.e.e...f.d.d.....Z.e.d.e.f.d.d.....Z.e.d.e.f.d d!....Z.e.d.e.e...f.d"d#....Z.e.d.e.f.d$d%....Z.e.d.e.f.d&d'....Z.e.d.e.f.d(d)....Z.e.d.e.f.d*d+....Z.e.d.e.f.d,d-....Z.e.d.e.f.d.d/....Z.e.d.e.d...f.d0d1....Z.e.d.e.f.d2d3....Z.e.d.e.e...f.d4d5....Z.e.d.e.e...f.d6d7....Z d@d9e.d.e.f.d:d;..Z!e.d.e.f.d<d=....Z"d.S.)A..CharsetMatchN..payload..guessed_encoding..m

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\charset_normalizer\utils.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):8855
                                                                                                                                                                                                    Entropy (8bit):5.4921226311548965
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:ynaWBnyfyXwAmTpiNO6wK6jxQzpbzOoALuw80i2AZo/6sfzBx7N/ZbKi9LbqO:5LA6jwSuwtiFZstzSALb5
                                                                                                                                                                                                    MD5:8414851E26FC4043190C78A55D8D1ECE
                                                                                                                                                                                                    SHA1:D9B8CA98B8DB0207E7CB63E178E83139A85252C3
                                                                                                                                                                                                    SHA-256:3DAA72B18ABAF8794C93705699C77C660A7EC4DBD71219A9B9E9272BD70728D3
                                                                                                                                                                                                    SHA-512:A8C52F54AA8D9D7708F484603AB0134E40876B4AAB3CA3097FA38AC60FF57A43C08142AAFDC4C2C0ED9A5970F923948B2355882D1C2530E6D7519C48E9233516
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@........d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z...e.e.d...d.e.d.e.f.d.d.....Z.e.e.d...d.e.d.e.f.d.d.....Z.e.e.d...d.e.d.e.e...f.d.d.....Z.e.e.d...d.e.d.e.f.d.d.....Z e.e.d...d.e.d.e.f.d.d.....Z!e.e.d...d.e.d.e.f.d.d.....Z"e.e.d...d.e.d.e.f.d.d.....Z#e.e.d...d.e.d.e.f.d.d.....Z$e.e.d...d.e.d.e.f.d.d.....Z%e.e.d...d.e.d.e.f.d.d ....Z&e.e.d...d.e.d.e.f.d!d"....Z'e.e.d...d.e.d.e.f.d#d$....Z(e.e.d...d.e.d.e.f.d%d&....Z)e.e.d...d.e.d.e.f.d'd(....Z*e.e.d...d.e.d.e.f.d)d*....Z+e.e.d...d.e.d.e.f.d+d,....Z,e.e-e...d...d-e.d.e.f.d.d/....Z.e.e.d...d.e.d.e.f.d0d1....Z/d_d3e0d4e1d.e.e...f.d5d6..Z2e.d7d...d8e.d.e.f.d9d:....Z3d3e0d.e.e.e...e0f...f.d;d<..Z4d=e.d.e.f.d>d?..Z5d`dAe.dBe.d.e.f.dCdD..Z6dEe.d.e.e...f.dFdG..Z7dHe.dIe.d.e8f.dJdK..Z9dHe.dIe.d.e.f.dLdM..Z:dNe.j;dOf.d8e.dPe1dQe.d.d.f.dRdS..Z<..dadTe0dUe.dVe=dWe1dXe.dYe.dZe0d[e.d\e.e...d.e.e.d.d.f...f.d]d^

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\charset_normalizer\version.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):207
                                                                                                                                                                                                    Entropy (8bit):4.895217425847445
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:ztWl/zlr/bkszHuBmh2V5XL6rLynKCLcTkWwlflLNEG06GVyWD8ITkTi:g/zGszf2rb6rLrbie6G3D8Isi
                                                                                                                                                                                                    MD5:DDA1F43C9841229EFF43B34D814D9E3C
                                                                                                                                                                                                    SHA1:6CAAD919A585667FF520F9121CCC51E58B6A4054
                                                                                                                                                                                                    SHA-256:79C8C31DF336025A317E803EB4648666E7A03FBADBA0660FD27D915F28684F90
                                                                                                                                                                                                    SHA-512:C840E62F790E12F357D3A24A8189F4291CD090D30871627D19ABA60B694F0EA6EA7AF6C1D74AD51695EFB6223656CA7B56919D91E45B24B275D9F6C74C657854
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@........d.Z.d.Z.e...d...Z.d.S.)....Expose version...3.4.0...N....__doc__..__version__..split..VERSION..r....r....z.charset_normalizer\version.py..<module>...............

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\contextlib.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):20822
                                                                                                                                                                                                    Entropy (8bit):5.108191398869505
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:/rdg3xgjpX8UbC62VT92iLqN7VENxUCqgIN8KHaJ:jdg3QX8kcT9Hq8N/RKHQ
                                                                                                                                                                                                    MD5:F10F76E4AA08F7107C353ED5D7256054
                                                                                                                                                                                                    SHA1:569826BDB242287F086A517D645FAA24117D7B9B
                                                                                                                                                                                                    SHA-256:DE98FE3546614B65772548D67038F4F799000CBAD2367672530F3AC165B1AE50
                                                                                                                                                                                                    SHA-512:7CA962BF60AC1B22E2014AE90D17BB3BA921A012372CC89DB5760D13F631BCCB17E4D1BA422F723FE6F4F71A45A26A5B0337D60D8888896B29EC20B33F5EB79C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....~...d.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z...g.d...Z.G.d.d...d.e.j...Z.G.d.d...d.e.j...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d...Z.G.d.d...d.e.e.e...Z.G.d.d...d.e.e.e...Z.d.d...Z.d.d...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d ..d e...Z.G.d!d"..d"e...Z.G.d#d$..d$e...Z.G.d%d&..d&..Z.G.d'd(..d(e.e...Z.G.d)d*..d*e.e...Z.G.d+d,..d,e.e...Z d.S.)-.4Utilities for with-statement contexts. See PEP 343......N....deque....wraps....MethodType..GenericAlias....asynccontextmanager..contextmanager..closing..nullcontext..AbstractContextManager..AbstractAsyncContextManager..AsyncExitStack..ContextDecorator..ExitStack..redirect_stdout..redirect_stderr..suppress..aclosingc....................@....:...e.Z.d.Z.d.Z.e.e...Z.d.d...Z.e.j.d.d.....Z.e.d.d.....Z.d.S.).r.....,An abstract base class for context managers.c....................C........|.S.)..0Return `self` upon entering the runtime context.......selfr....r......co

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\contextvars.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):226
                                                                                                                                                                                                    Entropy (8bit):4.520999270328814
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:gexsZv2e2equ9ypTSEATIF/El3ZlqzcIVtZId:geeA2lypvnFsRWjVcd
                                                                                                                                                                                                    MD5:62609BAA0490C03BF48884DACA865090
                                                                                                                                                                                                    SHA1:48A28B6F4643BFDF1323FF397C6E917EDFD8D579
                                                                                                                                                                                                    SHA-256:88DD9F4C211CFC25E964E2A11CD53DAFE4AF0115AD7EFD78E78951CC963BFB0C
                                                                                                                                                                                                    SHA-512:FBF70ED76DA60FB7DA43B17523A89EEECA8655503B98AD0DF685C7EDF65874F400026D565CB3F6383EE1A142A7A33B4EBD98B88DD3E52A9148C9B12EC9F98CD4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@.... ...d.d.l.m.Z.m.Z.m.Z.m.Z...d.Z.d.S.)..........Context..ContextVar..Token..copy_contextN...._contextvarsr....r....r....r......__all__..r....r....z.contextvars.py..<module>.............

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\copy.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):6963
                                                                                                                                                                                                    Entropy (8bit):5.438461030836543
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:2xPakDZxS5GiVc3isTm2jbbOUyrmuh7Md+dqMMQkNRDq:Ua0/S5G4cRKQbrh4dkc
                                                                                                                                                                                                    MD5:F1C09EE419D22059F218336B72CFD767
                                                                                                                                                                                                    SHA1:02A143BA5195B10AC28AA47F7018C6684235E07A
                                                                                                                                                                                                    SHA-256:0ED2C70FEA770F0DB3881B34D9AC6E4CCCCBC2D5245D0ECD37329E7477FDEA74
                                                                                                                                                                                                    SHA-512:39DFF4101EFF9255E799C435C5C77C9F65A237AE60D2A5752F40C9A5D011002A830C76939C6B0F3BA93C8E7246DC7CD6D5F8723AB52D43B5479D870EE6509930
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....V...d.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...G.d.d...d.e...Z.e.Z.z.d.d.l.m.Z...W.n...e.y-......d.Z.Y.n.w.g.d...Z.d.d...Z.i...Z.Z.d.d...Z.e.d...e.e.e.e.e.e.e.e.e.e.e.e.e.j.e.e...e.e...e.j.e.j f.D.].Z!e.e.e!<.q[e"e.d.d...Z!e!d.u.rpe.e.e!<.e#j.e.e#<.e$j.e.e$<.e%j.e.e%<.e&j.e.e&<.e.d.u.r.e.j.e.e.<.[.[!d.g.f.d.d...Z'i...Z(Z.d.d...Z)e)e.e.d...<.e)e.e.e...<.e)e.e.e...<.e)e.e.<.e)e.e.<.e)e.e.<.e)e.e.<.e)e.e.<.e)e.e.<.e)e.e.j*<.e)e.e.<.e)e.e.<.e)e.e.j.<.e)e.e.j.<.e)e.e.j <.e)e.e.<.e'f.d.d...Z+e+e.e#<.e'f.d.d...Z,e,e.e.<.e'f.d.d...Z-e-e.e$<.e.d.u...r.e-e.e.<.d.d...Z.e.e.e.j/<.[.d.d...Z0..d.e'd...d.d...Z1[.[.[.d.S.)......Generic (shallow and deep) copying operations...Interface summary:.. import copy.. x = copy.copy(y) # make a shallow copy of y. x = copy.deepcopy(y) # make a deep copy of y..For module specific errors, copy.Error is raised...The difference between shallow and deep copying is only relevant for.compound objects (object

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\csv.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):11756
                                                                                                                                                                                                    Entropy (8bit):5.473410103904829
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:VJq1+BvzXv6AomtdBs4DqwZQyrzKbydGA3LYPqO0GX8GWFoKzckOMsotMdD2C9q:VJqqzXv6AHq4GyWWQA0tghzJfCd9q
                                                                                                                                                                                                    MD5:01EBD51112A10F9399D1F081F9A0852C
                                                                                                                                                                                                    SHA1:3ECF4580C6959EB8BEDC2CF74F744426078F11B4
                                                                                                                                                                                                    SHA-256:7D2102B6268B7A04E8BEFD19351BB7F2BEA97E38918881327AB0B3647826E927
                                                                                                                                                                                                    SHA-512:C8E1C3A402CD3090CD8AFE34D0C2430CD483D997CBFF7712B69174DD1D446D39891C1F56590BFF495D91D20FC1600108EF4B518708ADF46D642F9F3D12392728
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@........d.Z.d.d.l.Z.d.d.l.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z...g.d...Z.G.d.d...d...Z.G.d.d...d.e...Z.e.d.e.....G.d.d...d.e...Z.e.d.e.....G.d.d...d.e...Z.e.d.e.....G.d.d...d...Z.G.d.d...d...Z.z.e...W.n...e.y.......e.Z.Y.n.w.G.d.d...d...Z.d.S.)..+.csv.py - read/write/investigate CSV files......N....Error..__version__..writer..reader..register_dialect..unregister_dialect..get_dialect..list_dialects..field_size_limit..QUOTE_MINIMAL..QUOTE_ALL..QUOTE_NONNUMERIC..QUOTE_NONE..__doc__....Dialect....StringIO..r....r....r....r....r....r....r......excel..excel_tabr....r....r....r....r....r......Snifferr....r......DictReader..DictWriter..unix_dialectc....................@....D...e.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.d...Z.d.d...Z.d.S.).r......Describe a CSV dialect... This must be subclassed (see csv.excel). Valid attributes are:. delimiter, quotechar, escapechar, doublequote, skipinitialspace,.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\dataclasses.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):26480
                                                                                                                                                                                                    Entropy (8bit):5.409121759857592
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:PmB3+fSRd6t4QqKFS9jsZTHzSyw5RDHh0unW3kff5g:PmB3+SRd3QqKUVsZ/Syw5RDHh2kff5g
                                                                                                                                                                                                    MD5:9E1FD5EFA92A1639341BA5D928E54408
                                                                                                                                                                                                    SHA1:3E22917854B49BD1EA3D5EC8D44B03FA783660C0
                                                                                                                                                                                                    SHA-256:5354E09FE3C8377D118D83065E81C1EE8A5BB1D02BA0EFD5A2E17EF01B28C691
                                                                                                                                                                                                    SHA-512:BB13E51F9BA2BF2C460B6E22BC8A7ED2AE8EB41F4ED27631094307444254F70FDEE25CD199C32296CDC2C329EEFAD76CEFFD33FBED6329B6211C43218929525B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@........d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z.m.Z...g.d...Z.G.d.d...d.e...Z.G.d.d...d...Z.e...Z.G.d.d...d...Z.e...Z.G.d.d...d...Z.e...Z.e...i...Z.G.d.d...d...Z.e.d...Z.e.d...Z.e.d...Z.d.Z.d.Z.d.Z.e...d...Z.d.d...Z G.d.d...d...Z!G.d.d...d...Z"G.d.d...d...Z#e.e.d.d.d.d.d.e.d...d.d ..Z$d!d"..Z%d#d$..Z&d.d.e.d%..d&d'..Z'd(d)..Z(d*d+..Z)d,d-..Z*d.d/..Z+d0d1..Z,d2d3..Z-d4d5..Z.d6d7..Z/d8d9..Z0d:d;..Z1d<d=..Z2d>d?..Z3d@dA..Z4dBdC..Z5dDdE..Z6dFdG..Z7dHdI..Z8dJdK..Z9i.dLd...dMd...dNd...dOd...dPe7..dQd...dRe8..dSd...dTe8..dUe9..dVe8..dWe9..dXe8..dYe9..dZe8..d[e9..Z:d\d]..Z;d^d_..Z<d`da..Z=dbdc..Z>d~d.d.d.ddddddd.ddddde..dfdg..Z?dhdi..Z@djdk..ZAdldm..ZBeCdn..dodp..ZDdqdr..ZEeFds..dtdu..ZGdvdw..ZHdxd.d.d.d.ddddddd.dddddy..dzd{..ZId|d}..ZJd.S.)......N....FunctionType..GenericAlias....dataclass..field..Field..FrozenInstanceError..InitVar..KW_ONLY..MISSING..fields..asdict..astuple..make_dataclass..replace..is_da

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\datetime.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):56605
                                                                                                                                                                                                    Entropy (8bit):5.305031144785569
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:0oPVWeEp4kIe83VF3GLq8L1fhDhnR7stF:0WsHoNCq8ZN7sH
                                                                                                                                                                                                    MD5:85EDB9E15DE2E1CC72E91BB340763078
                                                                                                                                                                                                    SHA1:371BAA6199D5EF80D7580164259AD5925CC52A18
                                                                                                                                                                                                    SHA-256:2B395208738C74CB0CF4D4E8EB46C2CAC115BF28F1528466120C6E9763861B30
                                                                                                                                                                                                    SHA-512:6FCE0984D907465BD35A5597A7CEF0F50D135F1ADCFA258D443AE0B12E093B1C45CD0B3C326E072C0CB110C3B4AD9914EF0E3E2F047E45C175F2A6316845FC4F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....r...d.Z.d.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...d.d...Z.d.Z.d.Z.d.Z.g.d...Z.d.g.Z.d.Z.e.d.d.....D.].Z.e...e.....e.e.7.Z.q/[.[.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.e.d...Z.e.d...Z.e.d...Z.e.d.k.scJ...e.d.e...d...k.smJ...e.d.e...d...k.swJ...d.d...Z.g.d...Z.g.d...Z.d d!..Z.d\d#d$..Z.d%d&..Z d'd(..Z!d)d*..Z"d+d,..Z#d-d...Z$d/d0..Z%d1d2..Z&d3d4..Z'd5d6..Z(d7d8..Z)d9d:..Z*d;d<..Z+G.d=d>..d>..Z,e,d?..e,_-e,d@dAdBdBdCdD..e,_.e,d.dE..e,_/G.dFdG..dG..Z0e0Z1e0d.d.d...e0_-e0d.dHdI..e0_.e,d.dJ..e0_/G.dKdL..dL..Z2G.dMdN..dNe3..Z4e4Z5[4e2Z6G.dOdP..dP..Z.e.Z7e.d.d.d...e._-e.dAdBdBdC..e._.e,d.dE..e._/G.dQdR..dRe0..Z8e8d.d.d...e8_-e8d.dHdIdAdBdBdC..e8_.e,d.dE..e8_/dSdT..Z9G.dUdV..dVe2..Z:e:.;e,d.....e:_<e:.;e,dAdBdW......e:_-e:.;e,dAdBdW....e:_.e8dXd.d.e:j<dY..Z=z.d.dZl>T.W.n...e?..y.......Y.d.S.w.[.[.[.[.[.[.[=[.[.[.['[([)[%[&[.[*[1[.[.[.[.[ [.[.[9[.[.[.[7[6[![.[+["[$[#[5d.d[l>m.Z...d.S.)]..Concrete date/time and related types...See http://www.iana.org/time-

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\decimal.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):342
                                                                                                                                                                                                    Entropy (8bit):4.557545897065008
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:6:gUR/WbkbVvkqXEG1OghzwNkHE9VlJrEXNJMoC2sgQIPIb:gU5WAZJJhhz8kk9Vll+NCoDcIPk
                                                                                                                                                                                                    MD5:AEB78EDB5C7DA307531BCF8C3736CE16
                                                                                                                                                                                                    SHA1:4D43A839CA5633ED18F8C20C05588D6F4B5B640E
                                                                                                                                                                                                    SHA-256:06C0506327ABFCBF2821FD5C6447DE84D0BC84D483CAF4A423C69F38BA27791C
                                                                                                                                                                                                    SHA-512:03CB9501DE17A8BA5F3F7C4EDB2431DD8489949F8C04AF66F14515BEBC985507058957AB655A04B47915A3F18ACBC3B6721E463BD841F00B983631CEF80698D3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....t...z.d.d.l.T.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...W.d.S...e.y9......d.d.l.T.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...Y.d.S.w.)..........*....__doc__....__version__....__libmpdec_version__N...._decimalr....r....r......ImportError.._pydecimal..r....r....z.decimal.py..<module>...............................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\dis.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):15636
                                                                                                                                                                                                    Entropy (8bit):5.496861983103317
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:xDdPwGD0g888L7sDBPhMoIDfl2mTq6SxtsTdFdx2tv:xDdR4iuplInxKTdFatv
                                                                                                                                                                                                    MD5:6B466EA646ACB5C8CE5D3DA303C481BC
                                                                                                                                                                                                    SHA1:9C102B1182AC62E2B6B30D9093B019C610BCE016
                                                                                                                                                                                                    SHA-256:632246E845E8741C16A6333F19096086619B5CB4BEF417BC7192AD626AF56208
                                                                                                                                                                                                    SHA-512:E897B8279093FA00B57EEF8A422097F3717BCB04BE24D8FC55626EC9B7D62FC1C6795BA4161B0A24ED7F60E71B63DA6776EEDFE1C624154394AC0427C2580B66
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@........d.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.T.d.d.l.m.Z...g.d...e...Z.[.e.j.e.j.e.j.e.e.e.f.Z.e.d...Z.d.e.d.f.e.d.f.e.d.f.f.Z.e.d...Z.d.Z.d.d...Z.dVd.d.d...d.d...Z.dVd.d...d.d...Z.d.d.d.d.d.d.d.d.d.d.d...Z.d d!..Z.d"d#..Z.d$d%..Z.d&d'..Z.d.d...d(d)..Z.e.. d*d+..Z!d,e!j"_.d-e!j._.d.e!j#_.d/e!j$_.d0e!j%_.d1e!j&_.d2e!j'_.d3e!j(_.d4Z)d5Z*G.d6d7..d7e!..Z+d.d8..d9d:..Z,d;d<..Z-d=d>..Z.....dWd?d@..Z/dXd.d...dBdC..Z0d.d.d...dDdE..Z1....dYd.d.dF..dGdH..Z2dIdJ..Z3e0Z4dKdL..Z5dMdN..Z6dOdP..Z7G.dQdR..dR..Z8dSdT..Z9e:dUk...r.e9....d.S.d.S.)Z.0Disassembler of Python byte code into mnemonics......N....*....__all__....code_info..dis..disassemble..distb..disco..findlinestarts..findlabels..show_code..get_instructions..Instruction..Bytecode..FORMAT_VALUE..N....str..repr..ascii..MAKE_FUNCTION....defaults..kwdefaults..annotations..closurec....................C....4...z.t.|.|.d...}.W.|.S...t.y.......t.|.|.d...}.Y.|.S.w.)...Attempts to compile the given source, fir

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\email\__init__.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1540
                                                                                                                                                                                                    Entropy (8bit):4.829104347753114
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:gaiwQTrfch6OD9UULNo7fH6fNB4NgqNQY:riprfch6Olorw+gWQY
                                                                                                                                                                                                    MD5:7F86EA377A15AF20EFF991C4DA31336F
                                                                                                                                                                                                    SHA1:359E4EFE753E8EA8221B65A2F8622F132A334193
                                                                                                                                                                                                    SHA-256:7E81800D915AC24E331F4B5DE01D508E68F2FA4E235EFBB5A98B1410338C5F9B
                                                                                                                                                                                                    SHA-512:8BD58379E21769D8ADA4201543A4B083EB55E876BBE38BAF22CFE6D0B0B0D38C30F28E5FC167A7CA6D66B0B517CAEEBFDBC82FF1A3267F98AAD591DA9E0919CD
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....0...d.Z.g.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.S.)..?A package for parsing, handling, and generating email messages.....base64mime..charset..encoders..errors..feedparser..generator..header..iterators..message..message_from_file..message_from_binary_file..message_from_string..message_from_bytes..mime..parser..quoprimime..utilsc....................O.... ...d.d.l.m.}...|.|.i.|.......|...S.)..vParse a string into a Message object model... Optional _class and strict are passed to the Parser constructor.. .........Parser....email.parserr......parsestr....s..args..kwsr......r!.....email\__init__.pyr.... ............r....c....................O...r....)..|Parse a bytes string into a Message object model... Optional _class and strict are passed to the Parser constructor.. r........BytesParser..r....r&.....parsebytes..r....r....r ...r&...r!...r!...r"...r....(...r#...r....c....................O...r....)...Read a file and parse its contents i

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\email\_encoded_words.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5718
                                                                                                                                                                                                    Entropy (8bit):5.438341704589463
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:lOU9w0nDwRCpgTTu2Q+cqsqTta3T8qCpjjRtPk6eXLvHLnrg8NNOGbM/Qfe:FDvCuRDYRy8h7PUL/gGN6Yfe
                                                                                                                                                                                                    MD5:F11DB3FCFDFDDC66D5B8876753ABD314
                                                                                                                                                                                                    SHA1:C6920B536CD564215D2826385417ED71C4433E14
                                                                                                                                                                                                    SHA-256:87753655845D8FEE48B62E19B672622319B812CA585C90E14AC31B6FFEA6C60F
                                                                                                                                                                                                    SHA-512:F0E9BCD9C8750A02714F16017BF71C6F6F29684F4713BD52DF5650C3B743A9B3183C62887BD3B6EE43042DED510B2095ADFD973204563524943642B227044AC8
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@........d.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z.m.Z...d.d.l.m.Z...g.d...Z.e...e...d...j.d.d.....Z.d.d...Z.G.d.d...d.e...Z.e...Z.d.e.e.d...<.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.e.e.d...Z.d.d...Z.e.e.d...Z.e.e.d...Z.d d.d...Z.d.S.)!.. Routines for manipulating RFC2047 encoded words...This is currently a package-private API, but will be considered for promotion.to a public API if there is demand........N....ascii_letters..digits....errors....decode_q..encode_q..decode_b..encode_b..len_q..len_b..decode..encode.....=([a-fA-F0-9]{2})c....................C........t...|...d.........S.).N.........bytes..fromhex..groupr........m..r......email\_encoded_words.py..<lambda>A..........r....c....................C........|...d.d...}.t.|...g.f.S.).N....._..... ....replace.._q_byte_subber....encodedr....r....r....r....C............r....c....................@....,...e.Z.d.Z.d.e...d.....e...d.....Z.d.d...Z.d.S.)..._QByteMap.....-!*+/..asciic..................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\email\_header_value_parser.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):77829
                                                                                                                                                                                                    Entropy (8bit):5.4161446748399005
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:1536:SBIcwfUUSzw9CKgVlUJFdiNPgzpC9iZh+0KH0wGRhN2GRB97LxSxf4031QJzJTkp:eFwFn76At7114z
                                                                                                                                                                                                    MD5:5957D050512ED87D77ABC3FE3E790C41
                                                                                                                                                                                                    SHA1:4FB2D2FAF2688E145B7391511184B803C2F62F32
                                                                                                                                                                                                    SHA-256:3D8962F0AD8ECA0611A5BE1C5A5FDD61667FF560E75F70C956C2154B075E1226
                                                                                                                                                                                                    SHA-512:D7B61011B56FFEFEF2B584244E1A6D28B817358F7DB4B02F502D840664E50EC877C1E0F7BB6A8CA63C43045E3B3BEA5E69FE45D5ACCA3FC536EFE38C3A07665F
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@.......d.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...e.d...Z.e.e.d...B.Z.e.d...Z.e.e.B.Z.e.e.d.....Z.e.e.d.....Z.e.e.d...B.e.d.....Z.e.e.B.Z.e.e.d...B.Z.e.e.B.Z.e.e.d.....Z.d.d...Z.e...d.e.j.e.j.B...Z.G.d.d...d.e...Z.G.d.d...d.e...Z G.d.d...d.e...Z!G.d.d...d.e...Z"G.d.d...d.e...Z#G.d.d...d.e ..Z$G.d.d ..d e...Z%G.d!d"..d"e...Z&G.d#d$..d$e...Z'G.d%d&..d&e...Z(G.d'd(..d(e(..Z)G.d)d*..d*e ..Z*G.d+d,..d,e...Z+G.d-d...d.e...Z,G.d/d0..d0e...Z-G.d1d2..d2e...Z.G.d3d4..d4e...Z/G.d5d6..d6e...Z0G.d7d8..d8e...Z1G.d9d:..d:e...Z2G.d;d<..d<e...Z3G.d=d>..d>e...Z4G.d?d@..d@e...Z5G.dAdB..dBe...Z6G.dCdD..dDe...Z7G.dEdF..dFe...Z8G.dGdH..dHe...Z9G.dIdJ..dJe...Z:G.dKdL..dLe"..Z;G.dMdN..dNe...Z<G.dOdP..dPe...Z=G.dQdR..dRe...Z>G.dSdT..dTe...Z?G.dUdV..dVe?..Z@G.dWdX..dXe...ZAG.dYdZ..dZe...ZBG.d[d\..d\e...ZCG.d]d^..d^e...ZDG.d_d`..d`e...ZEG.dadb..dbeE..ZFG.dcdd..ddeE..ZGG.dedf..dfe...ZHG.dgdh..dhe...ZIG.didj..dje...ZJG.dkdl..dleJ..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\email\_parseaddr.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):12478
                                                                                                                                                                                                    Entropy (8bit):5.428357601712171
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:k8hkBPanIUuAmAN6gBaPiqv44Vununaar5mwj7mF47PitYCqgHtgZSHwcaZFube:jKMuBXPuutKK3EwL
                                                                                                                                                                                                    MD5:0D8BC598EE399F6E73AE8988DF2B29D9
                                                                                                                                                                                                    SHA1:5B999978E5562775200A64EB124A0AC15038B044
                                                                                                                                                                                                    SHA-256:A9BAA9B18D250AB8759655B29FBE98B3C95628A72815BD31BB41B3BF7233914A
                                                                                                                                                                                                    SHA-512:2535AF6DEAF18BB5FFA6BDDDBC309843617E06648B50CBB70E6AA14A005501BF826B7FC189F6E2733E46B655A9A4CE1B56B48A3CC71CC51F35482A438E9B2A9C
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@.......d.Z.g.d...Z.d.d.l.Z.d.d.l.Z.d.Z.d.Z.d.Z.g.d...Z.g.d...Z.d.d.d.d.d.d.d.d.d.d.d.d.d.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.G.d.d...d...Z.G.d.d...d.e...Z.d.S.)..cEmail address parsing code...Lifted directly from rfc822.py. This should eventually be rewritten......mktime_tz..parsedate..parsedate_tz..quote.....N.. ...., ....jan..feb..mar..apr..may..jun..jul..aug..sep..oct..nov..dec..january..february..march..aprilr......june..july..august..september..october..november..december....mon..tue..wed..thu..fri..sat..sun.p..................D............UT..UTC..GMT..Z..AST..ADT..EST..EDT..CST..CDT..MST..MDT..PST..PDTc....................C....,...t.|...}.|.s.d.S.|.d...d.u.r.d.|.d.<.t.|...S.)..QConvert a date string to a time tuple... Accounts for military timezones.. N.....r........_parsedate_tz..tuple....data..res..rJ.....email\_parseaddr.pyr....-....................r....c....................C........|.s.d.S.|.....}.|.s.d.S.|.d.....d..

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\email\_policybase.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):14762
                                                                                                                                                                                                    Entropy (8bit):5.0843223593228055
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:/b3dx+wPI6I2CaFNAyJAebMqnZbFkIJWAysMNmJd/GazkdZOIv+d/zfz90ArK5L6:/bt1g6IBiTAiZPWApMUjeazMZOsu1ra6
                                                                                                                                                                                                    MD5:315D6914F0509D4FABC2DB5BE7D579FC
                                                                                                                                                                                                    SHA1:F5398AA9AD1BE4782F8B6609AE2AF4621357396A
                                                                                                                                                                                                    SHA-256:3AF1E55ACD0EC5E8862EB59FF8DB9CD53A78E109802C6AB7CA5AD867E9B8111C
                                                                                                                                                                                                    SHA-512:78A5A240916ACD4CD0038A9AAAE9EC30B91918D461642F14D50617517DAB4A0DBB1768159F82CE56610AA16585883715B237DBF72291AC0F4B023707ECB57C7A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@.......d.Z.d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...g.d...Z.G.d.d...d...Z.d.d...Z.d.d...Z.G.d.d...d.e.e.j.d...Z.e.G.d.d...d.e.....Z.e...Z.d.S.)..wPolicy framework for the email package...Allows fine grained feature control of how the package parses and emits data.......N....header....charset...._has_surrogates....Policy..Compat32..compat32c.........................@...e.Z.d.Z.d.Z...f.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.....Z.S.)..._PolicyBase....Policy Object basic framework... This class is useless unless subclassed. A subclass should define. class attributes with defaults for any values that are to be. managed by the Policy object. The constructor will then allow. non-default values to be set for these attributes at instance. creation time. The instance will be callable, taking these same. attributes keyword arguments, and returning a new instance. identical to the called instance except for those values changed.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\email\base64mime.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):3220
                                                                                                                                                                                                    Entropy (8bit):5.3601785846025125
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:gInFLYxoMN59tl3kWReNFOsrQC/sMGQHb9uxJZtEtINnig2b41+M78ozxtEho:vFLsbReNFxrn2QcxftEiig2mV78oFtEu
                                                                                                                                                                                                    MD5:5B6C91BEEBCC1CCB65BD99FD0B1FFD57
                                                                                                                                                                                                    SHA1:993D363AC05E98ECD4E8E54C7F5548D0406535C0
                                                                                                                                                                                                    SHA-256:5E34BB28F4481406DD4F587B7D7034F1F2F7F96B10793A71C1801025D3D507EE
                                                                                                                                                                                                    SHA-512:7463DD1D587B2E02E9D6BE0DC2016AC0365646C967D4ECD1A9EE7DAA590A188C0BDC06A6F0D24FDDF265A80615A2BF5497B39439822BA6961776F211172ADA6E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....l...d.Z.g.d...Z.d.d.l.m.Z...d.d.l.m.Z.m.Z...d.Z.d.Z.d.Z.d.Z.d.d...Z.d.d.d...Z.d.e.f.d.d...Z.d.d...Z.e.Z.e.Z.d.S.).....Base64 content transfer encoding per RFCs 2045-2047...This module handles the content transfer encoding method defined in RFC 2045.to encode arbitrary 8-bit data using the three 8-bit bytes in four 7-bit.characters encoding known as Base64...It is used in the MIME standards for email to attach images, audio, and text.using some 8-bit character sets to messages...This module provides an interface to encode and decode both headers and bodies.with Base64 encoding...RFC 2045 defines a method for including character set information in an.`encoded-word' in a header. This method is commonly used for 8-bit real names.in To:, From:, Cc:, etc. fields, as well as Subject: lines...This module does not do the line wrapping or end-of-line character conversion.necessary for proper internationalized headers; it only does dumb encoding and.dec

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\email\charset.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):11551
                                                                                                                                                                                                    Entropy (8bit):5.35249710360486
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:jZq2eQFtz+wYzF8cGmchcQx6Pk/pOHoU7uOb9XJ//abe8+opjno54Cw:dZeQFh+ZRVGfz/pA7uOb6by5Rw
                                                                                                                                                                                                    MD5:3CCF8AC0D7014D6973CE7A0D8E77AB77
                                                                                                                                                                                                    SHA1:54F50EE0A942DD61C569D39348B497BD4036BB43
                                                                                                                                                                                                    SHA-256:7013B04455A43698152BE12CBA476AA36CD61CAB038AAC853D12F18C687D20AD
                                                                                                                                                                                                    SHA-512:0543F3F9B57D1676882ECA96052D5D649246EE30123DA9C21B6DCCC76C6B4C3BBE9B1ED67E2D0859FB903DA211D01EA26CEADFD066CEEA7E8FAE42493C53521E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@........g.d...Z.d.d.l.m.Z...d.d.l.Z.d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z...d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.i.d.e.e.d.f...d.e.e.d.f...d.e.e.d.f...d.e.e.d.f...d.e.e.d.f...d.e.e.d.f...d.e.e.d.f...d.e.e.d.f...d.e.e.d.f...d.e.e.d.f...d.e.e.d.f...d.e.e.d.f...d.d...d.e.e.d.f...d.e.e.d.f...d.e.d.d.f...d.e.d.d.f...e.d.d.f.e.e.d.f.e.e.d.f.d ....Z.i.d!d...d"d...d#d...d$d...d%d...d&d...d'd...d(d...d)d...d*d...d+d...d,d...d-d...d.d...d/d...d0d...d1d...d.d.d.d2d.d3d.d4....Z.d5d6d.d7..Z.d.d8d9..Z.d:d;..Z.d<d=..Z.d>d?..Z.G.d@dA..dA..Z.d.S.)B....Charset..add_alias..add_charset..add_codec.........partialN....errors....encode_7or8bit......................us-ascii..unknown-8bit....iso-8859-1..iso-8859-2..iso-8859-3..iso-8859-4..iso-8859-9..iso-8859-10..iso-8859-13..iso-8859-14..iso-8859-15..iso-8859-16..windows-1252..viscii..NNN..big5..gb2312..euc-jp..iso-2022-jp..shift_jis..utf-8..r%...z.koi8-rr'.....latin_1..latin-1..latin_2..latin-2..latin_3..latin-3..latin_4..latin-4..latin_

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\email\contentmanager.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7361
                                                                                                                                                                                                    Entropy (8bit):5.298634353178582
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:FFuZuYEHBgaEBI3Dux4bcUFrEfsX/05X0C2LN:TmuY2E+3Dux4bZvX/05XsLN
                                                                                                                                                                                                    MD5:6A73749CCA27296E9CB717534717C020
                                                                                                                                                                                                    SHA1:2DE754F7D794D029CF612F8294D3C604AD091DF2
                                                                                                                                                                                                    SHA-256:D5793B8DC1F3262EFD736476FA3D6CE92CB2E1C4B34D8ECA076023AC5FEAE8E4
                                                                                                                                                                                                    SHA-512:24F80EA887E1EBF574BD2DED172F4868AB133972C0EA89DF3FE326345C03804673E706552B56094E7C51013DC3EF32C5040EC9C298C8372D02097A0472621047
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....>...d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...G.d.d...d...Z.e...Z.d%d.d...Z.e...d.e.....d.d...Z.d.....D.].Z.e...e.e.....q3d.d...Z.d.....D.].Z.e...d.e...e.....qDd.d...Z.e...d.e.....d.d...Z.d.d...Z.d.d...Z.d.d...Z.......d&d.d...Z.e...e.e...........d'd d!..Z.e...e.j.j.e......"....d(d#d$..Z.e.e.e.f.D.].Z.e...e.e.....q.d.S.)).....N....quoprimimec....................@....<...e.Z.d.Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.S.)...ContentManagerc....................C........i.|._.i.|._.d.S.).N....get_handlers..set_handlers....self..r......email\contentmanager.py..__init__...............ContentManager.__init__c....................C........|.|.j.|.<.d.S.).N..r......r......key..handlerr....r....r......add_get_handler.............ContentManager.add_get_handlerc....................O.......|.....}.|.|.j.v.r.|.j.|...|.g.|...R.i.|.....S.|.....}.|.|.j.v.r.|.j.|...|.g.|...R.i.|.....S.d.|.j.v.rA|.j.d...|.g.|...R.i.|.....S.t.|.....).N......get_content_

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\email\encoders.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1607
                                                                                                                                                                                                    Entropy (8bit):5.050932192600656
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:24:g5y7gaT9r3CrNNTxw7WXT7dq6BFDEK10ZYSaXFVJ4DZoT3kOCDwOjB:g5/sWlW7WX9qQFYKaYSkhEDwOt
                                                                                                                                                                                                    MD5:65242D873C85F444E5BB3D08DC19B0E6
                                                                                                                                                                                                    SHA1:D13736330B8612639C1EA365E959CDA62BFF64B3
                                                                                                                                                                                                    SHA-256:4826318BA5D4519E1EDB7BEFC4DDD450332EE2E612DD5BA8FBC3FD57415F4127
                                                                                                                                                                                                    SHA-512:732C613A7D477E492F1B71C7BF3B3A8BF58470B5663D47A1C87B38692FDFD53370560D2BF9E0FF28E1B05E244DB963EE0D1F8FC25886F6E97B6B0ED37DE18B9A
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....P...d.Z.g.d...Z.d.d.l.m.Z...d.d.l.m.Z...d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.S.).. Encodings and related functions.....encode_7or8bit..encode_base64..encode_noop..encode_quopri.........encodebytes....encodestringc....................C........t.|.d.d...}.|...d.d...S.).NT....quotetabs..... .....=20...._encodestring..replace....s..enc..r......email\encoders.py.._qencode.............r....c....................C....0...|.j.d.d...}.t.t.|...d...}.|...|.....d.|.d.<.d.S.)..lEncode the message's payload in Base64... Also, add an appropriate Content-Transfer-Encoding header.. T....decode..ascii..base64..Content-Transfer-EncodingN....get_payload..str.._bencode..set_payload....msg..orig..encdatar....r....r....r.....................r....c....................C....*...|.j.d.d...}.t.|...}.|...|.....d.|.d.<.d.S.)..vEncode the message's payload in quoted-printable... Also, add an appropriate Content-Transfer-Encoding header.. Tr......quoted-printa

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\email\errors.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5676
                                                                                                                                                                                                    Entropy (8bit):4.742287667772295
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:aYI+E7YT1ZoHqqBqqfqquqquqqiXIyJ87aqq+qqOqqW1bqq9qq0sqqwJEqq5Fqqt:aYTEO+HqqBqqfqquqquqqByJ87aqq+q4
                                                                                                                                                                                                    MD5:2ADB0AEDCEB94F916B874EFEF9BDFC3E
                                                                                                                                                                                                    SHA1:F0599E7A2FD6DCF4F175B34C658EE07447F61D51
                                                                                                                                                                                                    SHA-256:D2CB7644A80B5C7879EBB3816E3B73BC3A0A42A6943D6856AD25248B409500DD
                                                                                                                                                                                                    SHA-512:3F69E9E21BCF352F8F1FF06252BF702D34A420299BC889A360D8D913839937ED552FEFD15AB9A16C98CF2241B8E00D18B589F9AA287C9A8A49F920AE18A986D3
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@.......d.Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.e.Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d ..d e...Z.G.d!d"..d"e...Z.G.d#d$..d$e...Z.G.d%d&..d&e...Z.G.d'd(..d(e...Z.G.d)d*..d*e...Z.G.d+d,..d,e...Z.G.d-d...d.e...Z.G.d/d0..d0e...Z.G.d1d2..d2e...Z.G.d3d4..d4e...Z.d5S.)6. email package exception classes.c....................@........e.Z.d.Z.d.Z.d.S.)...MessageError.+Base class for errors in the email package.N....__name__..__module__..__qualname__..__doc__..r....r......email\errors.pyr.................r....c....................@...r....)...MessageParseError.&Base class for message parsing errors.Nr....r....r....r....r....r........r....r....c....................@...r....)...HeaderParseError..Error while parsing headers.Nr....r....r....r....r....r........r....r....c...................

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\email\feedparser.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):10549
                                                                                                                                                                                                    Entropy (8bit):5.475890918893798
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:CQt3ufpui5ERmXZvdZDd6ZCwKTbefqMU04c3H2hjD8g4B:9t+Bui5ZlZDcCwSbeiM/H29D8xB
                                                                                                                                                                                                    MD5:3030FB5B261CF98F8EE5EB5639C8A589
                                                                                                                                                                                                    SHA1:3D701257029AF3C770BF080B481F4716E130BD12
                                                                                                                                                                                                    SHA-256:143A79BAE215BC3F85CF08561DBE4AA0D87BF6E6F9ACD60E1AC713CE2C08407E
                                                                                                                                                                                                    SHA-512:83B71605EE28AB424D26E66161F45C089228F2B703A3B6529513C9F995BBA78B5D871048B74BDCB152E6505DF91212A61DF5EE7470912DBB5F9E788331E59E73
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@.......d.Z.d.d.g.Z.d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...e...d...Z.e...d...Z.e...d...Z.e...d...Z.e...d...Z.d.Z.d.Z.e...Z.G.d.d...d.e...Z.G.d.d...d...Z.G.d.d...d.e...Z.d.S.)......FeedParser - An email feed parser...The feed parser implements an interface for incrementally parsing an email.message, line by line. This has advantages for certain applications, such as.those reading email messages off a socket...FeedParser.feed() is the primary interface for pushing new data into the.parser. It returns when there's nothing more it can do with the available.data. When you have no more data to push into the parser, call .close()..This completes the parsing and returns the root message object...The other advantage of this parser is that it will never raise a parsing.exception. Instead, when it finds something unexpected, it adds a 'defect' to.the current message. Defects are just instances that live on the message.object's .defects a

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\email\generator.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):12570
                                                                                                                                                                                                    Entropy (8bit):5.366193521624641
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:9jni4Wf6dOGOMLqmnnM4VNcn53eMN+QcwntAgH/ceafZwml7pviBc1:97fWwOGjWeHVeh9N+QcwntXgwmQw
                                                                                                                                                                                                    MD5:071B64067178E89D8D8FF94285908419
                                                                                                                                                                                                    SHA1:8B4EF1E8894C3B222B7487CD43C14645377C32D3
                                                                                                                                                                                                    SHA-256:065933929E55E03D60EB348AB2EE3F87681DDEF02C7164F5DDDE3DE373561B3A
                                                                                                                                                                                                    SHA-512:946B718A04FE5005BE0591754E61D2C51449144D3F48E7ABB051D4C3AC00DC368D6E721D8BF1A12041EE4DF337FDEF9D2A7A3126700663446416531052C0D516
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@........d.Z.g.d...Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z.m.Z...d.d.l.m.Z...d.Z.d.Z.e...d...Z.e...d.e.j...Z.G.d.d...d...Z.G.d.d...d.e...Z.d.Z.G.d.d...d.e...Z.e.e.e.j.d.......Z.d.e...Z.e.j.Z.d.S.)..:Classes to generate plain text from a message object tree.....Generator..DecodedGenerator..BytesGenerator.....N....deepcopy....StringIO..BytesIO...._has_surrogates.._.....\r\n|\r|\n..^From c....................@.......e.Z.d.Z.d.Z.d'd.d...d.d...Z.d.d...Z.d(d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.e.Z.d.d...Z.d.d...Z.d.d ..Z.d!d"..Z.e.d)d#d$....Z.e.d%d&....Z.d.S.)*r......Generates output from a Message object tree... This basic generator writes the message to the given file object as plain. text.. N....policyc....................C....6...|.d.u.r.|.d.u.r.d.n.|.j.}.|.|._.|.|._.|.|._.|.|._.d.S.)......Create the generator for message flattening... outfp is the output file-like object for writing t

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\email\header.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):16421
                                                                                                                                                                                                    Entropy (8bit):5.408195412547922
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:WEojVdCuwA8tzfSNlwn8w4EElPb/bl0rSXAc7uqKjQNWnPXbOidChI18DkVh:WE28tjS3wn8w4vhbcAguW9Vh
                                                                                                                                                                                                    MD5:AA1B628F56E4FF40585807C072336F6B
                                                                                                                                                                                                    SHA1:78E36D6DD448BEA2B2092596F76875C01F29FFC1
                                                                                                                                                                                                    SHA-256:21DCCE4C51903F5789636ABEF46C7DC99E6597ECD0DE45BC0570579CEBFE3370
                                                                                                                                                                                                    SHA-512:B1ABA136B253DBA2228BFF63268AE5C56D40A2949F4001732B41A92498134472042E2598B88C5AC90B2D753CC5CAB65902F39AEA2650CA3388603B96AF3C848E
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@........d.Z.g.d...Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z...e.j.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.e.d...Z.e.d...Z.e...d.e.j.e.j.B...Z.e...d...Z.e...d...Z.e.j.j.Z.d.d...Z.....d.d.d...Z.G.d.d...d...Z.G.d.d...d...Z G.d.d...d.e!..Z"d.S.)..+Header encoding and decoding functionality.....Header..decode_header..make_header.....N....HeaderParseError....charset..... ..... .. ...N..... ...us-ascii..utf-8.i.... =\? # literal =?. (?P<charset>[^?]*?) # non-greedy up to the next ? is the charset. \? # literal ?. (?P<encoding>[qQbB]) # either a "q" or a "b", case insensitive. \? # literal ?. (?P<encoded>.*?) # non-greedy up to the next ?= is the encoded string. \?= # literal ?=. ..[\041-\176]+:$..\n[^ \t]+:c....................C.......t.|.d...r.d.d...|.j.D...S.t...|...s.|.d.f.g.S.g.}.|.....D.]A}.t...|...}.d.}.|.r^|...d...}.|.r5|.....}.d.}.|.r?|...|.d.d.f.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\email\headerregistry.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):21838
                                                                                                                                                                                                    Entropy (8bit):5.160948854123433
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:384:stn16ElmJgvtMCFMlJj2voTpzzH3ON0MbfP3uY1oaWXf95yHF:stn1tO0FMvqvoNH3ONZbSml
                                                                                                                                                                                                    MD5:6B7B638CA42B9D71EBED9FED7EE28823
                                                                                                                                                                                                    SHA1:6A866E869E39CF24298A426FD3F5719EFAAE89E6
                                                                                                                                                                                                    SHA-256:FE620999075F4C874B007293452CB3F81AD102782BAAE0A9459B9BC8AA45E9B5
                                                                                                                                                                                                    SHA-512:7254CB00A9F51553D94B7D066D10A47F2C120FB8A80647344E06B9BA5EFD96DBEA06454564904C1D4B6F9559A02488B67469CAD5BCE0D245462EDC20E3C15A82
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@........d.Z.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...G.d.d...d...Z.G.d.d...d...Z.G.d.d...d.e...Z.d.d...Z.G.d.d...d...Z.G.d.d...d.e...Z.G.d.d...d...Z.G.d.d...d.e...Z.G.d.d...d...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d...Z.G.d d!..d!..Z.G.d"d#..d#e...Z.G.d$d%..d%e...Z.G.d&d'..d'..Z.G.d(d)..d)..Z.i.d*e...d+e...d,e...d-e...d.e...d/e...d0e...d1e...d2e...d3e...d4e...d5e...d6e...d7e...d8e...d9e...d:e...e.e.e.d;....Z.G.d<d=..d=..Z.d>S.)?..Representing and manipulating email headers via custom objects...This module provides an implementation of the HeaderRegistry API..The implementation is designed to flexibly follow RFC5322 rules...........MappingProxyType....utils....errors...._header_value_parserc....................@....^...e.Z.d.Z.d.d.d...Z.e.d.d.....Z.e.d.d.....Z.e.d.d.....Z.e.d.d.....Z.d.d...Z.d.d...Z.d.d...Z.d.S.)...Address..Nc....................C.......d...t.d.|.|.|.|.f.....}.d.|.v.s.d.|.v.r.t.d.....|.d.u.rC|.s |.r$t.d.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\email\iterators.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):1948
                                                                                                                                                                                                    Entropy (8bit):5.320183547419749
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:gahA49ILWjxazvfuDpoSQLfMbhTGogy1eLUhz/CIi:prIWdi+DPsMbhPg82
                                                                                                                                                                                                    MD5:0476633308A180C6747EE321B8E378C6
                                                                                                                                                                                                    SHA1:E8321A6E1A8F50C93107EADDA64CEF16B69FA4F7
                                                                                                                                                                                                    SHA-256:3E9565D45AD26A172DBA43910263F8CC7A24DB52F1EAB78967C16C36B23AE911
                                                                                                                                                                                                    SHA-512:0141FD8B71E1B0E8009C6583644C4CC32D2384BC0981A3F71EC33D3A0A3FBA9DA8A9363C9F8315842F82C9E181CA94ADC72F5BE27AB1756269D9625DBE9E3FF7
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....J...d.Z.g.d...Z.d.d.l.Z.d.d.l.m.Z...d.d...Z.d.d.d...Z.d.d.d...Z.d.d.d...Z.d.S.)..1Various types of useful iterators and generators.....body_line_iterator..typed_subpart_iterator..walk.....N....StringIOc....................c....4.....|.V...|.....r.|.....D.].}.|.....E.d.H...q.d.S.d.S.)...Walk over the message tree, yielding each subpart... The walk is performed in depth-first order. This method is a. generator.. N....is_multipart..get_payloadr........self..subpart..r......email\iterators.pyr...........................r....Fc....................c....8.....|.....D.].}.|.j.|.d...}.t.|.t...r.t.|...E.d.H...q.d.S.)...Iterate over the parts, returning string payloads line-by-line... Optional decode (default False) is passed through to .get_payload().. ....decodeN..r....r......isinstance..strr........msgr....r......payloadr....r....r....r...."......................r......textc....................c....:.....|.....D.].}.|.....|.k.r.|.d.u.s.

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\email\message.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):37754
                                                                                                                                                                                                    Entropy (8bit):5.321669694122612
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:768:mUGhq3cffG9nAn2Rmzq0Y8kcol91IyggNhN:mtBffG9xehTTA92oN
                                                                                                                                                                                                    MD5:2C213B514919CC8D972E518DAA1BE9B7
                                                                                                                                                                                                    SHA1:14DCFD435FE5E24063F9A8C67B346274DFCEAB19
                                                                                                                                                                                                    SHA-256:B99D4872773D7C2940559FCB143F54C0BECD5DAAB973B8693E4C29ADB98E61F0
                                                                                                                                                                                                    SHA-512:65BB4B30128AEDDD22DD9273D06732079BB394366C1A1F24B0054AFCC0221BC120CF61EADB985408A7C0A4E96EF31975C82F14467C1CECEFCF6FAD06AC8C22CE
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@........d.Z.d.d.g.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z...e.j.Z.d.Z.e...d...Z.d.d...Z.d.d.d...Z.d.d...Z.d.d...Z.G.d.d...d...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.d.S.)..8Basic message object for the email package object model...Message..EmailMessage.....N....BytesIO..StringIO....utils....errors....Policy..compat32....charset....decode_b..; ..[ \(\)<>@,;:\\"/\[\]\?=]c....................C....4...t.|.....d...\.}.}.}.|.s.|.....d.f.S.|.....|.....f.S.).N..;....str..partition..strip....param..a..sep..b..r!.....email\message.py.._splitparam.................r#...Tc....................C........|.d.u.r^t.|...d.k.r^t.|.t...r&|.d.7.}.t...|.d...|.d...|.d.....}.d.|.|.f...S.z.|...d.....W.n...t.yG......|.d.7.}.t...|.d.d...}.d.|.|.f.....Y.S.w.|.sOt...|...rXd.|.t...|...f...S.d.|.|.f...S.|.S.)..~...Convenience function to format and return a key=value pair... This will quote the value if needed or if qu

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\email\parser.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):5656
                                                                                                                                                                                                    Entropy (8bit):4.935115598818016
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:48:g7O7L2QFUCnoK4b7TGPerSZUWyT9Bzug4DcCTDQFlhnoKL2pG6kTy+erSIoVgTns:84LQtB7ue5PlWToe3oF++eto2FZSVk6b
                                                                                                                                                                                                    MD5:441304A5F9E2971955CE423AF65A73CC
                                                                                                                                                                                                    SHA1:457B51D876A5C24488B168BCF0568954A6C13185
                                                                                                                                                                                                    SHA-256:6D5279E7E4AA776449F132E09F881525EE5F9B4CCED9F782DA05D36B3CAAC523
                                                                                                                                                                                                    SHA-512:7D86CE54BDAF01B55D521FEE488B4512B4BD55B00A96578F5FC5B2A1FC03797B37503EBD75CA88700557CDB91827952DB21663F16F5C1C10741BD9A0922FA7E0
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....x...d.Z.g.d...Z.d.d.l.m.Z.m.Z...d.d.l.m.Z.m.Z...d.d.l.m.Z...G.d.d...d...Z.G.d.d...d.e...Z.G.d.d...d...Z.G.d.d...d.e...Z.d.S.)..-A parser of RFC 2822 and MIME email messages.....Parser..HeaderParser..BytesParser..BytesHeaderParser..FeedParser..BytesFeedParser.........StringIO..TextIOWrapper..r....r........compat32c....................@....0...e.Z.d.Z.d.e.d...d.d...Z.d.d.d...Z.d.d.d...Z.d.S.).r....N....policyc....................C........|.|._.|.|._.d.S.).....Parser of RFC 2822 and MIME email messages... Creates an in-memory object tree representing the email message, which. can then be manipulated and turned over to a Generator to return the. textual representation of the message... The string must be formatted as a block of RFC 2822 headers and header. continuation lines, optionally preceded by a `Unix-from' header. The. header block is terminated either by the end of the string or by a. blank

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\email\policy.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9633
                                                                                                                                                                                                    Entropy (8bit):4.931258605408404
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:oXlDAHhSVVbT6AGKJU/LYMp1Btoozt8FcQ+evaaLb2ec8v:oXlsHhQZT6SJUNDBWoztHevaM
                                                                                                                                                                                                    MD5:4CC32D9DC22FECB43DC2665C49C0E6DF
                                                                                                                                                                                                    SHA1:F64AA150A478D3C01FA7697A9CB4C772009CC72C
                                                                                                                                                                                                    SHA-256:A2E972DA28F1D082E21FE48A94D54948EA07FABD9461580CD06B59EB5DDB4AC7
                                                                                                                                                                                                    SHA-512:91820248B18204CD92DA6805ADBC54799EDB86567DCF55721BA2C2810AD5E81068C9B3167C2906FD1285B97F5ADEDC6F94923D1B34FA39E7C130627B49006958
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@........d.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...g.d...Z.e...d...Z.e.G.d.d...d.e.....Z.e...Z.e.`.e.j.d.d...Z.e.j.d.d...Z.e.j.d.d.d...Z.e.j.d.d...Z.d.S.)..cThis will be the home for the policy that hooks in the new.code that adds all the email6 features.......N....Policy..Compat32..compat32.._extend_docstrings...._has_surrogates....HeaderRegistry....raw_data_manager....EmailMessage..r....r....r......EmailPolicy..default..strict..SMTP..HTTP..\n|\rc.........................p...e.Z.d.Z.d.Z.e.Z.d.Z.d.Z.e...Z.e.Z...f.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d.d...Z.....Z.S.).r.....Q...+. PROVISIONAL.. The API extensions enabled by this policy are currently provisional.. Refer to the documentation for details... This policy adds new header parsing and folding algorithms. Instead of. simple strings, headers are custom objects with custom attributes. depending on the type

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\email\quoprimime.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):7599
                                                                                                                                                                                                    Entropy (8bit):5.51186480963117
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:DLJLyjCY2rlgeRk/SE8HiIf3HH94gxyV7pmZ5ZftOcF/NkFUyq2n1/RY9XDr7d7V:fJYUGQ2SEeagoV7pzyyFhRKTrPPMmlL
                                                                                                                                                                                                    MD5:2A2AC2D91A781D816AA570B3D7B274A8
                                                                                                                                                                                                    SHA1:E3B62D74AF0D18764C964CF46930900ADEC80CD1
                                                                                                                                                                                                    SHA-256:C5E78AD3FF81BE188BA1876D505F7394C07BF4F55B38E1B4B23C6F7D8A6FE4A2
                                                                                                                                                                                                    SHA-512:B638DF6C89013315D75DBD7179D57D03FF153DC1D12682F7556B5091B78A59F7FCE3FBA605BA88FCF227F3F1C2F9751E4F49974F9C76B333C3453101D06FC43B
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....F...d.Z.g.d...Z.d.d.l.Z.d.d.l.m.Z.m.Z.m.Z...d.Z.d.Z.d.Z.d.d...e.d...D...Z.e.d.d.....Z.e.d.d.....Z.d.e...d.....e...d.....D.].Z.e.e...e.e.<.q;d.e.e.d...<.d.D.].Z.e.e...e.e.<.qLd.d...Z.d.d...Z.d.d...Z.d.d...Z.d+d.d...Z.d.d...Z.d.d...Z.d,d.d ..Z.e.d.d.....Z.d!D.].Z.e.e...e.e.<.q.d"e.f.d#d$..Z.e.f.d%d&..Z.e.Z.e.Z.d'd(..Z.d)d*..Z d.S.)-.F...Quoted-printable content transfer encoding per RFCs 2045-2047...This module handles the content transfer encoding method defined in RFC 2045.to encode US ASCII-like 8-bit data called `quoted-printable'. It is used to.safely encode text that is in a character set similar to the 7-bit US ASCII.character set, but that includes some 8-bit characters that are normally not.allowed in email bodies or headers...Quoted-printable is very space-inefficient for encoding binary files; use the.email.base64mime module for that instead...This module provides an interface to encode and decode both headers and bodies.with quoted-p

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\email\utils.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):9666
                                                                                                                                                                                                    Entropy (8bit):5.5630765218102995
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:192:7bGMhTYU1ba/bcRIpnc8PNMw1gBQl7EdE1J/mezcA5aJCSStw3TG/3Q48mt8U:mQTQTcqFSwaBQl7ogVVvAfGyGfft8U
                                                                                                                                                                                                    MD5:B573D5BD8B7562F42D39411D50A09D28
                                                                                                                                                                                                    SHA1:9B70CF2621A611B86C3888C284E2D331E69470FA
                                                                                                                                                                                                    SHA-256:C9EBAF9F1E9F19F2C492DB9C2BA066D6EAB844EF4BE241F160D6613A0C47160B
                                                                                                                                                                                                    SHA-512:5EFE8F8F33D660DCBA373E14953B53C9B492D57D6B7362715D6DE6981443CEE8766BEDC745B43779675315689C9388E4185F8B641F9CFCFBAFF45755E4940CE4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....T...d.Z.g.d...Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z.m.Z...d.d.l.m.Z...d.Z.d.Z.d.Z.d.Z.d.Z.e...d...Z.e...d...Z.d.d...Z.d.d...Z.d5d.d...Z.d.d...Z.d.d...Z d6d.d...Z!d7d.d...Z"d8d.d ..Z#d!d"..Z$d#d$..Z%d%d&..Z&d'd(..Z'd8d)d*..Z(e...d+e.j)..Z*d,d-..Z+.../d9d0d1..Z,d:d3d4..Z-d.S.);..Miscellaneous utilities.....collapse_rfc2231_value..decode_params..decode_rfc2231..encode_rfc2231..formataddr..formatdate..format_datetime..getaddresses..make_msgid..mktime_tz..parseaddr..parsedate..parsedate_tz..parsedate_to_datetime..unquote.....N....quote....AddressList..r......r....r......_parsedate_tz....Charset.., ........'..[][\\()<>@,:;".]..[\\"]c....................C....$...z.|.......W.d.S...t.y.......Y.d.S.w.)..8Return True if s contains surrogate-escaped binary data.FT....encode..UnicodeEncodeError....s..r*.....email\utils.py.._has_surrogates3....................r,...c....................C...

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_MEI78362\fnmatch.pyc

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4224
                                                                                                                                                                                                    Entropy (8bit):5.672816850634758
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:96:tZ1NvFl7gPHnfnTdD7RykUATq7Y1qYmWVzHRJwLaL1F3rGz6:t1vFl7g/fnTF7gkDzTRFxm6
                                                                                                                                                                                                    MD5:E75B05D9847E69F881417036910CF144
                                                                                                                                                                                                    SHA1:BDD6B3B95B7A97DF99519A6DEFCE8BEE711595BF
                                                                                                                                                                                                    SHA-256:38E88B1607E9CAE72DAD8E232949F85DBE3F4A3A09028601A9D42A8B49340ED8
                                                                                                                                                                                                    SHA-512:5E10410232012FE00C4F1B2D99B1AA36A4496A2CACB561C5769663F350A60A3C3CFF0BBCEB0FEBE4804F567FEFFA0EDC758A16AA43156DBCF9718F05EB1DA2E4
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:o....................................@....|...d.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.g.d...Z.d.d.l.m.Z...e...j.Z.[.d.d...Z.e.j.d.d.d...d.d.....Z.d.d...Z.d.d...Z.d.d...Z.d.S.).....Filename matching with shell patterns...fnmatch(FILENAME, PATTERN) matches according to the local convention..fnmatchcase(FILENAME, PATTERN) always takes case in account...The functions operate by translating the pattern into a regular.expression. They cache the compiled regular expressions for speed...The function translate(PATTERN) returns a regular expression.corresponding to PATTERN. (It does not compile it.)......N....filter..fnmatch..fnmatchcase..translate....countc....................C...."...t.j...|...}.t.j...|...}.t.|.|...S.).....Test whether FILENAME matches PATTERN... Patterns are Unix shell style:.. * matches everything. ? matches any single character. [seq] matches any character in seq. [!seq] matches any char not in seq.. An initial period in FILENAME is not spec

                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\_otwtmv2

                                                                                                                                                                                                    Download File
                                                                                                                                                                                                    Process:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                    Size (bytes):4
                                                                                                                                                                                                    Entropy (8bit):2.0
                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                    SSDEEP:3:qn:qn
                                                                                                                                                                                                    MD5:3F1D1D8D87177D3D8D897D7E421F84D6
                                                                                                                                                                                                    SHA1:DD082D742A5CB751290F1DB2BD519C286AA86D95
                                                                                                                                                                                                    SHA-256:F02285FB90ED8C81531FE78CF4E2ABB68A62BE73EE7D317623E2C3E3AEFDFFF2
                                                                                                                                                                                                    SHA-512:2AE2B3936F31756332CA7A4B877D18F3FCC50E41E9472B5CD45A70BEA82E29A0FA956EE6A9EE0E02F23D9DB56B41D19CB51D88AAC06E9C923A820A21023752A9
                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                    Preview:blat

                                                                                                                                                                                                    Static File Info

                                                                                                                                                                                                    General

                                                                                                                                                                                                    File type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                    Entropy (8bit):7.9969960783983405
                                                                                                                                                                                                    TrID:
                                                                                                                                                                                                    • Win64 Executable GUI (202006/5) 92.65%
                                                                                                                                                                                                    • Win64 Executable (generic) (12005/4) 5.51%
                                                                                                                                                                                                    • Generic Win/DOS Executable (2004/3) 0.92%
                                                                                                                                                                                                    • DOS Executable Generic (2002/1) 0.92%
                                                                                                                                                                                                    • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                    File name:fAatfRnCZ5.exe
                                                                                                                                                                                                    File size:58'294'217 bytes
                                                                                                                                                                                                    MD5:ce1c7e9a3fd9c2d0e3ad4b9deff11abf
                                                                                                                                                                                                    SHA1:b9a35b3907a6611be1c9f36ef3c1455a99ae2756
                                                                                                                                                                                                    SHA256:34c4c90a0f30142be902016f1d223176598c74506bbf516cca52fb89bdd72f55
                                                                                                                                                                                                    SHA512:987928c46d25c157bb90410e89f83263959faf5cda58a5fe6ff7b5840aeb2828cad931c77cd232d04d81ce0d4372070a11b40c2137d753de0c1c3b66d3119635
                                                                                                                                                                                                    SSDEEP:1572864:uXG+DVNXukNqWb9CLXSCU/+Pyz0SljCxbQ:uddukNqDSC++Py5j0
                                                                                                                                                                                                    TLSH:6CD73393B9DC0267E1B2B9BCF4498A08F8EAB45ACF53D39621E0418709977819DFDF50
                                                                                                                                                                                                    File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......t..30t.`0t.`0t.`{..a7t.`{..a.t.`{..a:t.` ..`3t.` ..a9t.` ..a!t.` ..a.t.`{..a;t.`0t.`.t.`{..a)t.`{..a1t.`Rich0t.`........PE..d..

                                                                                                                                                                                                    File Icon

                                                                                                                                                                                                    Icon Hash:71f8d2d2c6ecf031

                                                                                                                                                                                                    Static PE Info

                                                                                                                                                                                                    General

                                                                                                                                                                                                    Entrypoint:0x14000dc40
                                                                                                                                                                                                    Entrypoint Section:.text
                                                                                                                                                                                                    Digitally signed:false
                                                                                                                                                                                                    Imagebase:0x140000000
                                                                                                                                                                                                    Subsystem:windows gui
                                                                                                                                                                                                    Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE
                                                                                                                                                                                                    DLL Characteristics:HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                    Time Stamp:0x675634F4 [Mon Dec 9 00:08:20 2024 UTC]
                                                                                                                                                                                                    TLS Callbacks:
                                                                                                                                                                                                    CLR (.Net) Version:
                                                                                                                                                                                                    OS Version Major:6
                                                                                                                                                                                                    OS Version Minor:0
                                                                                                                                                                                                    File Version Major:6
                                                                                                                                                                                                    File Version Minor:0
                                                                                                                                                                                                    Subsystem Version Major:6
                                                                                                                                                                                                    Subsystem Version Minor:0
                                                                                                                                                                                                    Import Hash:b35782a64f6490d7964c291e00dd0025

                                                                                                                                                                                                    Entrypoint Preview

                                                                                                                                                                                                    Instruction
                                                                                                                                                                                                    dec eax
                                                                                                                                                                                                    sub esp, 28h
                                                                                                                                                                                                    call 00007F42D8E5A25Ch
                                                                                                                                                                                                    dec eax
                                                                                                                                                                                                    add esp, 28h
                                                                                                                                                                                                    jmp 00007F42D8E59E7Fh
                                                                                                                                                                                                    int3
                                                                                                                                                                                                    int3
                                                                                                                                                                                                    int3
                                                                                                                                                                                                    int3
                                                                                                                                                                                                    int3
                                                                                                                                                                                                    int3
                                                                                                                                                                                                    int3
                                                                                                                                                                                                    int3
                                                                                                                                                                                                    int3
                                                                                                                                                                                                    int3
                                                                                                                                                                                                    int3
                                                                                                                                                                                                    int3
                                                                                                                                                                                                    int3
                                                                                                                                                                                                    int3
                                                                                                                                                                                                    dec eax
                                                                                                                                                                                                    sub esp, 28h
                                                                                                                                                                                                    call 00007F42D8E5A628h
                                                                                                                                                                                                    test eax, eax
                                                                                                                                                                                                    je 00007F42D8E5A023h
                                                                                                                                                                                                    dec eax
                                                                                                                                                                                                    mov eax, dword ptr [00000030h]
                                                                                                                                                                                                    dec eax
                                                                                                                                                                                                    mov ecx, dword ptr [eax+08h]
                                                                                                                                                                                                    jmp 00007F42D8E5A007h
                                                                                                                                                                                                    dec eax
                                                                                                                                                                                                    cmp ecx, eax
                                                                                                                                                                                                    je 00007F42D8E5A016h
                                                                                                                                                                                                    xor eax, eax
                                                                                                                                                                                                    dec eax
                                                                                                                                                                                                    cmpxchg dword ptr [0003892Ch], ecx
                                                                                                                                                                                                    jne 00007F42D8E59FF0h
                                                                                                                                                                                                    xor al, al
                                                                                                                                                                                                    dec eax
                                                                                                                                                                                                    add esp, 28h
                                                                                                                                                                                                    ret
                                                                                                                                                                                                    mov al, 01h
                                                                                                                                                                                                    jmp 00007F42D8E59FF9h
                                                                                                                                                                                                    int3
                                                                                                                                                                                                    int3
                                                                                                                                                                                                    int3
                                                                                                                                                                                                    dec eax
                                                                                                                                                                                                    sub esp, 28h
                                                                                                                                                                                                    test ecx, ecx
                                                                                                                                                                                                    jne 00007F42D8E5A009h
                                                                                                                                                                                                    mov byte ptr [00038915h], 00000001h
                                                                                                                                                                                                    call 00007F42D8E59755h
                                                                                                                                                                                                    call 00007F42D8E5AA40h
                                                                                                                                                                                                    test al, al
                                                                                                                                                                                                    jne 00007F42D8E5A006h
                                                                                                                                                                                                    xor al, al
                                                                                                                                                                                                    jmp 00007F42D8E5A016h
                                                                                                                                                                                                    call 00007F42D8E6755Fh
                                                                                                                                                                                                    test al, al
                                                                                                                                                                                                    jne 00007F42D8E5A00Bh
                                                                                                                                                                                                    xor ecx, ecx
                                                                                                                                                                                                    call 00007F42D8E5AA50h
                                                                                                                                                                                                    jmp 00007F42D8E59FECh
                                                                                                                                                                                                    mov al, 01h
                                                                                                                                                                                                    dec eax
                                                                                                                                                                                                    add esp, 28h
                                                                                                                                                                                                    ret
                                                                                                                                                                                                    int3
                                                                                                                                                                                                    int3
                                                                                                                                                                                                    inc eax
                                                                                                                                                                                                    push ebx
                                                                                                                                                                                                    dec eax
                                                                                                                                                                                                    sub esp, 20h
                                                                                                                                                                                                    cmp byte ptr [000388DCh], 00000000h
                                                                                                                                                                                                    mov ebx, ecx
                                                                                                                                                                                                    jne 00007F42D8E5A069h
                                                                                                                                                                                                    cmp ecx, 01h
                                                                                                                                                                                                    jnbe 00007F42D8E5A06Ch
                                                                                                                                                                                                    call 00007F42D8E5A59Eh
                                                                                                                                                                                                    test eax, eax
                                                                                                                                                                                                    je 00007F42D8E5A02Ah
                                                                                                                                                                                                    test ebx, ebx
                                                                                                                                                                                                    jne 00007F42D8E5A026h
                                                                                                                                                                                                    dec eax
                                                                                                                                                                                                    lea ecx, dword ptr [000388C6h]
                                                                                                                                                                                                    call 00007F42D8E67352h

                                                                                                                                                                                                    Data Directories

                                                                                                                                                                                                    NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_IMPORT0x40b340x78.rdata
                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_RESOURCE0x4b0000xcdb1.rsrc
                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_EXCEPTION0x480000x2268.pdata
                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_BASERELOC0x580000x770.reloc
                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_DEBUG0x3e1300x1c.rdata
                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x3dff00x140.rdata
                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_IAT0x2c0000x4b8.rdata
                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                    Sections

                                                                                                                                                                                                    NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                    .text0x10000x2ad900x2ae006c292d4d86679f74132342110d81a106False0.5512424836005831data6.489405095438984IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                    .rdata0x2c0000x15b7c0x15c00ca549e0d56205fa47bef4e8e93719352False0.4835219109195402data5.653702972188878IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                    .data0x420000x54380xe00334e36c907bd2fe277bb395a1022fb7fFalse0.14006696428571427data1.8977897981870555IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                    .pdata0x480000x22680x2400b656b1c7ddfed89de66a31a44074ea59False0.4696180555555556data5.3237366571282125IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                    .rsrc0x4b0000xcdb10xce0008397ddd2aeead2221e7929867ecab16False0.8962189016990292data7.636094108168635IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                    .reloc0x580000x7700x800fd38dd03a2209d0f0da1e25b4c2ae23cFalse0.55517578125data5.285514796186651IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                    Resources

                                                                                                                                                                                                    NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                    RT_ICON0x4b1900x7811PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced1.0005205452711716
                                                                                                                                                                                                    RT_ICON0x529a40x2444PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced1.0011848341232228
                                                                                                                                                                                                    RT_ICON0x54de80x2668Device independent bitmap graphic, 48 x 96 x 32, image size 97920.5605166802278275
                                                                                                                                                                                                    RT_GROUP_ICON0x574500x30data0.875
                                                                                                                                                                                                    RT_VERSION0x574800x424data0.45660377358490567
                                                                                                                                                                                                    RT_MANIFEST0x578a40x50dXML 1.0 document, ASCII text0.4694508894044857

                                                                                                                                                                                                    Imports

                                                                                                                                                                                                    DLLImport
                                                                                                                                                                                                    USER32.dllCreateWindowExW, ShutdownBlockReasonCreate, MsgWaitForMultipleObjects, ShowWindow, DestroyWindow, RegisterClassW, DefWindowProcW, PeekMessageW, DispatchMessageW, TranslateMessage, PostMessageW, GetMessageW, MessageBoxW, MessageBoxA, SystemParametersInfoW, DestroyIcon, SetWindowLongPtrW, GetWindowLongPtrW, GetClientRect, InvalidateRect, ReleaseDC, GetDC, DrawTextW, GetDialogBaseUnits, EndDialog, DialogBoxIndirectParamW, MoveWindow, SendMessageW
                                                                                                                                                                                                    COMCTL32.dll
                                                                                                                                                                                                    KERNEL32.dllGetACP, IsValidCodePage, GetStringTypeW, GetFileAttributesExW, SetEnvironmentVariableW, FlushFileBuffers, GetCurrentDirectoryW, LCMapStringW, CompareStringW, FlsFree, FlsSetValue, GetOEMCP, GetCPInfo, GetModuleHandleW, MulDiv, OutputDebugStringA, OutputDebugStringW, FormatMessageW, GetLastError, GetModuleFileNameW, LoadLibraryExW, SetDllDirectoryW, CreateSymbolicLinkW, GetProcAddress, GetEnvironmentStringsW, CreateDirectoryW, GetCommandLineW, GetEnvironmentVariableW, ExpandEnvironmentStringsW, DeleteFileW, FindClose, FindFirstFileW, FindNextFileW, GetDriveTypeW, RemoveDirectoryW, GetTempPathW, CloseHandle, QueryPerformanceCounter, QueryPerformanceFrequency, WaitForSingleObject, Sleep, GetCurrentProcess, TerminateProcess, GetExitCodeProcess, CreateProcessW, GetStartupInfoW, FreeLibrary, LocalFree, SetConsoleCtrlHandler, K32EnumProcessModules, K32GetModuleFileNameExW, CreateFileW, FindFirstFileExW, GetFinalPathNameByHandleW, MultiByteToWideChar, WideCharToMultiByte, FlsGetValue, FreeEnvironmentStringsW, GetProcessHeap, GetTimeZoneInformation, HeapSize, HeapReAlloc, WriteConsoleW, SetEndOfFile, SetErrorMode, RtlCaptureContext, RtlLookupFunctionEntry, RtlVirtualUnwind, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsProcessorFeaturePresent, GetCurrentProcessId, GetCurrentThreadId, GetSystemTimeAsFileTime, InitializeSListHead, IsDebuggerPresent, RtlUnwindEx, SetLastError, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSectionAndSpinCount, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, RaiseException, RtlPcToFileHeader, GetCommandLineA, GetFileInformationByHandle, GetFileType, PeekNamedPipe, SystemTimeToTzSpecificLocalTime, FileTimeToSystemTime, ReadFile, GetFullPathNameW, SetStdHandle, GetStdHandle, WriteFile, ExitProcess, GetModuleHandleExW, HeapFree, GetConsoleMode, ReadConsoleW, SetFilePointerEx, GetConsoleOutputCP, GetFileSizeEx, HeapAlloc, FlsAlloc
                                                                                                                                                                                                    ADVAPI32.dllOpenProcessToken, GetTokenInformation, ConvertStringSecurityDescriptorToSecurityDescriptorW, ConvertSidToStringSidW
                                                                                                                                                                                                    GDI32.dllDeleteObject, SelectObject, CreateFontIndirectW

                                                                                                                                                                                                    Network Behavior

                                                                                                                                                                                                    Network Port Distribution

                                                                                                                                                                                                    TCP Packets

                                                                                                                                                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                    Dec 19, 2024 12:34:35.558480978 CET49775443192.168.2.10104.21.21.198
                                                                                                                                                                                                    Dec 19, 2024 12:34:35.558521986 CET44349775104.21.21.198192.168.2.10
                                                                                                                                                                                                    Dec 19, 2024 12:34:35.558641911 CET49775443192.168.2.10104.21.21.198
                                                                                                                                                                                                    Dec 19, 2024 12:34:35.559855938 CET49775443192.168.2.10104.21.21.198
                                                                                                                                                                                                    Dec 19, 2024 12:34:35.559869051 CET44349775104.21.21.198192.168.2.10
                                                                                                                                                                                                    Dec 19, 2024 12:34:36.778646946 CET44349775104.21.21.198192.168.2.10
                                                                                                                                                                                                    Dec 19, 2024 12:34:36.779445887 CET49775443192.168.2.10104.21.21.198
                                                                                                                                                                                                    Dec 19, 2024 12:34:36.779474974 CET44349775104.21.21.198192.168.2.10
                                                                                                                                                                                                    Dec 19, 2024 12:34:36.780541897 CET44349775104.21.21.198192.168.2.10
                                                                                                                                                                                                    Dec 19, 2024 12:34:36.780626059 CET49775443192.168.2.10104.21.21.198
                                                                                                                                                                                                    Dec 19, 2024 12:34:36.781291008 CET49775443192.168.2.10104.21.21.198
                                                                                                                                                                                                    Dec 19, 2024 12:34:36.781436920 CET44349775104.21.21.198192.168.2.10
                                                                                                                                                                                                    Dec 19, 2024 12:34:36.781497955 CET49775443192.168.2.10104.21.21.198
                                                                                                                                                                                                    Dec 19, 2024 12:34:36.781512976 CET49775443192.168.2.10104.21.21.198

                                                                                                                                                                                                    UDP Packets

                                                                                                                                                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                    Dec 19, 2024 12:34:35.228212118 CET5260653192.168.2.101.1.1.1
                                                                                                                                                                                                    Dec 19, 2024 12:34:35.554284096 CET53526061.1.1.1192.168.2.10

                                                                                                                                                                                                    DNS Queries

                                                                                                                                                                                                    TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                    Dec 19, 2024 12:34:35.228212118 CET192.168.2.101.1.1.10x85a2Standard query (0)viltrac.comA (IP address)IN (0x0001)false

                                                                                                                                                                                                    DNS Answers

                                                                                                                                                                                                    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                    Dec 19, 2024 12:34:35.554284096 CET1.1.1.1192.168.2.100x85a2No error (0)viltrac.com104.21.21.198A (IP address)IN (0x0001)false
                                                                                                                                                                                                    Dec 19, 2024 12:34:35.554284096 CET1.1.1.1192.168.2.100x85a2No error (0)viltrac.com172.67.200.20A (IP address)IN (0x0001)false

                                                                                                                                                                                                    Statistics

                                                                                                                                                                                                    CPU Usage

                                                                                                                                                                                                    Click to jump to process

                                                                                                                                                                                                    Memory Usage

                                                                                                                                                                                                    Click to jump to process

                                                                                                                                                                                                    High Level Behavior Distribution

                                                                                                                                                                                                    Click to dive into process behavior distribution

                                                                                                                                                                                                    Behavior

                                                                                                                                                                                                    Click to jump to process

                                                                                                                                                                                                    System Behavior

                                                                                                                                                                                                    General

                                                                                                                                                                                                    Target ID:5
                                                                                                                                                                                                    Start time:06:34:02
                                                                                                                                                                                                    Start date:19/12/2024
                                                                                                                                                                                                    Path:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                    Commandline:"C:\Users\user\Desktop\fAatfRnCZ5.exe"
                                                                                                                                                                                                    Imagebase:0x7ff651740000
                                                                                                                                                                                                    File size:58'294'217 bytes
                                                                                                                                                                                                    MD5 hash:CE1C7E9A3FD9C2D0E3AD4B9DEFF11ABF
                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                    General

                                                                                                                                                                                                    Target ID:8
                                                                                                                                                                                                    Start time:06:34:33
                                                                                                                                                                                                    Start date:19/12/2024
                                                                                                                                                                                                    Path:C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                    Commandline:"C:\Users\user\Desktop\fAatfRnCZ5.exe"
                                                                                                                                                                                                    Imagebase:0x7ff651740000
                                                                                                                                                                                                    File size:58'294'217 bytes
                                                                                                                                                                                                    MD5 hash:CE1C7E9A3FD9C2D0E3AD4B9DEFF11ABF
                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                    Disassembly

                                                                                                                                                                                                    Reset < >

                                                                                                                                                                                                      Execution Graph

                                                                                                                                                                                                      Execution Coverage:10.3%
                                                                                                                                                                                                      Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                      Signature Coverage:18.4%
                                                                                                                                                                                                      Total number of Nodes:2000
                                                                                                                                                                                                      Total number of Limit Nodes:36
                                                                                                                                                                                                      execution_graph 20827 7ff65174bb3d 20828 7ff65174bb42 20827->20828 20834 7ff65174bcaa 20828->20834 20836 7ff65174b813 20828->20836 20837 7ff65174cd40 20828->20837 20829 7ff65174cc20 12 API calls 20833 7ff65174ba26 20829->20833 20831 7ff65174cd40 12 API calls 20832 7ff65174bfb8 20831->20832 20835 7ff65174cd40 12 API calls 20832->20835 20834->20831 20834->20836 20835->20836 20836->20829 20836->20833 20844 7ff65174cd90 20837->20844 20840 7ff65174ce49 20841 7ff65174d3e0 _log10_special 8 API calls 20840->20841 20843 7ff65174d088 20841->20843 20842 7ff65174d2d7 20845 7ff65174d844 20842->20845 20843->20834 20844->20840 20844->20842 20848 7ff65174d858 IsProcessorFeaturePresent 20845->20848 20849 7ff65174d86f 20848->20849 20854 7ff65174d8f8 RtlCaptureContext RtlLookupFunctionEntry 20849->20854 20855 7ff65174d883 20854->20855 20856 7ff65174d928 RtlVirtualUnwind 20854->20856 20857 7ff65174d730 SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 20855->20857 20856->20855 19546 7ff6517564b8 19547 7ff6517564d2 19546->19547 19548 7ff6517564ef 19546->19548 19549 7ff651755d78 _fread_nolock 11 API calls 19547->19549 19548->19547 19550 7ff651756502 CreateFileW 19548->19550 19551 7ff6517564d7 19549->19551 19552 7ff65175656c 19550->19552 19553 7ff651756536 19550->19553 19554 7ff651755d98 _get_daylight 11 API calls 19551->19554 19597 7ff651756a94 19552->19597 19571 7ff65175660c GetFileType 19553->19571 19558 7ff6517564df 19554->19558 19562 7ff65175b770 _invalid_parameter_noinfo 37 API calls 19558->19562 19560 7ff651756575 19565 7ff651755d0c _fread_nolock 11 API calls 19560->19565 19561 7ff6517565a0 19618 7ff651756854 19561->19618 19567 7ff6517564ea 19562->19567 19563 7ff65175654b CloseHandle 19563->19567 19564 7ff651756561 CloseHandle 19564->19567 19570 7ff65175657f 19565->19570 19570->19567 19572 7ff65175665a 19571->19572 19573 7ff651756717 19571->19573 19574 7ff651756686 GetFileInformationByHandle 19572->19574 19578 7ff651756990 21 API calls 19572->19578 19575 7ff65175671f 19573->19575 19576 7ff651756741 19573->19576 19579 7ff651756732 GetLastError 19574->19579 19580 7ff6517566af 19574->19580 19575->19579 19581 7ff651756723 19575->19581 19577 7ff651756764 PeekNamedPipe 19576->19577 19587 7ff651756702 19576->19587 19577->19587 19582 7ff651756674 19578->19582 19585 7ff651755d0c _fread_nolock 11 API calls 19579->19585 19583 7ff651756854 51 API calls 19580->19583 19584 7ff651755d98 _get_daylight 11 API calls 19581->19584 19582->19574 19582->19587 19588 7ff6517566ba 19583->19588 19584->19587 19585->19587 19586 7ff65174d3e0 _log10_special 8 API calls 19589 7ff651756544 19586->19589 19587->19586 19635 7ff6517567b4 19588->19635 19589->19563 19589->19564 19592 7ff6517567b4 10 API calls 19593 7ff6517566d9 19592->19593 19594 7ff6517567b4 10 API calls 19593->19594 19595 7ff6517566ea 19594->19595 19595->19587 19596 7ff651755d98 _get_daylight 11 API calls 19595->19596 19596->19587 19598 7ff651756aca 19597->19598 19599 7ff651755d98 _get_daylight 11 API calls 19598->19599 19617 7ff651756b62 __std_exception_destroy 19598->19617 19601 7ff651756adc 19599->19601 19600 7ff65174d3e0 _log10_special 8 API calls 19602 7ff651756571 19600->19602 19603 7ff651755d98 _get_daylight 11 API calls 19601->19603 19602->19560 19602->19561 19604 7ff651756ae4 19603->19604 19605 7ff651758c98 45 API calls 19604->19605 19606 7ff651756af9 19605->19606 19607 7ff651756b0b 19606->19607 19608 7ff651756b01 19606->19608 19610 7ff651755d98 _get_daylight 11 API calls 19607->19610 19609 7ff651755d98 _get_daylight 11 API calls 19608->19609 19616 7ff651756b06 19609->19616 19611 7ff651756b10 19610->19611 19612 7ff651755d98 _get_daylight 11 API calls 19611->19612 19611->19617 19613 7ff651756b1a 19612->19613 19614 7ff651758c98 45 API calls 19613->19614 19614->19616 19615 7ff651756b54 GetDriveTypeW 19615->19617 19616->19615 19616->19617 19617->19600 19620 7ff65175687c 19618->19620 19619 7ff6517565ad 19628 7ff651756990 19619->19628 19620->19619 19642 7ff6517605b4 19620->19642 19622 7ff651756910 19622->19619 19623 7ff6517605b4 51 API calls 19622->19623 19624 7ff651756923 19623->19624 19624->19619 19625 7ff6517605b4 51 API calls 19624->19625 19626 7ff651756936 19625->19626 19626->19619 19627 7ff6517605b4 51 API calls 19626->19627 19627->19619 19629 7ff6517569aa 19628->19629 19630 7ff6517569e1 19629->19630 19632 7ff6517569ba 19629->19632 19631 7ff651760448 21 API calls 19630->19631 19634 7ff6517569ca 19631->19634 19633 7ff651755d0c _fread_nolock 11 API calls 19632->19633 19632->19634 19633->19634 19634->19570 19636 7ff6517567dd FileTimeToSystemTime 19635->19636 19637 7ff6517567d0 19635->19637 19638 7ff6517567f1 SystemTimeToTzSpecificLocalTime 19636->19638 19639 7ff6517567d8 19636->19639 19637->19636 19637->19639 19638->19639 19640 7ff65174d3e0 _log10_special 8 API calls 19639->19640 19641 7ff6517566c9 19640->19641 19641->19592 19643 7ff6517605e5 19642->19643 19644 7ff6517605c1 19642->19644 19647 7ff65176061f 19643->19647 19648 7ff65176063e 19643->19648 19644->19643 19645 7ff6517605c6 19644->19645 19646 7ff651755d98 _get_daylight 11 API calls 19645->19646 19649 7ff6517605cb 19646->19649 19650 7ff651755d98 _get_daylight 11 API calls 19647->19650 19651 7ff651755ddc 45 API calls 19648->19651 19652 7ff65175b770 _invalid_parameter_noinfo 37 API calls 19649->19652 19653 7ff651760624 19650->19653 19657 7ff65176064b 19651->19657 19654 7ff6517605d6 19652->19654 19655 7ff65175b770 _invalid_parameter_noinfo 37 API calls 19653->19655 19654->19622 19656 7ff65176062f 19655->19656 19656->19622 19657->19656 19658 7ff65176136c 51 API calls 19657->19658 19658->19657 20865 7ff651762540 20876 7ff651768274 20865->20876 20877 7ff651768281 20876->20877 20878 7ff65175b7d8 __free_lconv_mon 11 API calls 20877->20878 20880 7ff65176829d 20877->20880 20878->20877 20879 7ff65175b7d8 __free_lconv_mon 11 API calls 20879->20880 20880->20879 20881 7ff651762549 20880->20881 20882 7ff651761168 EnterCriticalSection 20881->20882 16319 7ff65174dacc 16340 7ff65174dc9c 16319->16340 16322 7ff65174dc18 16542 7ff65174dfbc IsProcessorFeaturePresent 16322->16542 16323 7ff65174dae8 __scrt_acquire_startup_lock 16325 7ff65174dc22 16323->16325 16332 7ff65174db06 __scrt_release_startup_lock 16323->16332 16326 7ff65174dfbc 7 API calls 16325->16326 16328 7ff65174dc2d _CallSETranslator 16326->16328 16327 7ff65174db2b 16329 7ff65174dbb1 16346 7ff65174e104 16329->16346 16331 7ff65174dbb6 16349 7ff651741000 16331->16349 16332->16327 16332->16329 16531 7ff65175a9bc 16332->16531 16337 7ff65174dbd9 16337->16328 16538 7ff65174de20 16337->16538 16341 7ff65174dca4 16340->16341 16342 7ff65174dcb0 __scrt_dllmain_crt_thread_attach 16341->16342 16343 7ff65174dcbd 16342->16343 16345 7ff65174dae0 16342->16345 16343->16345 16549 7ff65174e718 16343->16549 16345->16322 16345->16323 16576 7ff65176b360 16346->16576 16348 7ff65174e11b GetStartupInfoW 16348->16331 16350 7ff651741009 16349->16350 16578 7ff651756314 16350->16578 16352 7ff651743caa 16585 7ff651742770 16352->16585 16357 7ff651742770 53 API calls 16358 7ff651743ce7 16357->16358 16360 7ff651742770 53 API calls 16358->16360 16362 7ff651743cf3 16360->16362 16622 7ff651741950 16362->16622 16365 7ff651743e2b 16367 7ff651742770 53 API calls 16365->16367 16366 7ff651743d0b 16816 7ff651741cc0 16366->16816 16369 7ff651743e37 16367->16369 16825 7ff651744c50 16369->16825 16370 7ff651743d29 16372 7ff651742770 53 API calls 16370->16372 16374 7ff651743d50 16372->16374 16376 7ff651742770 53 API calls 16374->16376 16375 7ff651743e4e 16380 7ff651742770 53 API calls 16375->16380 16378 7ff651743d84 16376->16378 16682 7ff651749640 16378->16682 16382 7ff651743e9c 16380->16382 16381 7ff651743e7e 16383 7ff651743eb5 16381->16383 16384 7ff651743e83 16381->16384 16859 7ff651742960 16382->16859 16386 7ff651741cc0 49 API calls 16383->16386 16855 7ff651750edc 16384->16855 16389 7ff651743ed3 16386->16389 16388 7ff651743db2 16820 7ff6517497b0 16388->16820 16394 7ff651742770 53 API calls 16389->16394 16390 7ff651743d93 16390->16388 16392 7ff651742770 53 API calls 16390->16392 16393 7ff651743dc1 __std_exception_destroy 16390->16393 16392->16388 16395 7ff651749640 14 API calls 16393->16395 16417 7ff651743f57 __std_exception_destroy 16393->16417 16397 7ff651743f05 16394->16397 16398 7ff651743de1 16395->16398 16401 7ff651741950 119 API calls 16397->16401 16402 7ff651743ded 16398->16402 16403 7ff651743f65 16398->16403 16399 7ff651743f88 16400 7ff6517497b0 40 API calls 16399->16400 16405 7ff651743f94 16400->16405 16407 7ff651743f0d 16401->16407 16404 7ff651742770 53 API calls 16402->16404 16406 7ff651742770 53 API calls 16403->16406 16413 7ff651743dfc 16404->16413 16408 7ff6517497b0 40 API calls 16405->16408 16406->16417 16407->16370 16409 7ff651743f1d 16407->16409 16411 7ff651743fa0 16408->16411 16410 7ff651742960 56 API calls 16409->16410 16475 7ff651743cc6 __std_exception_destroy 16410->16475 16412 7ff6517497b0 40 API calls 16411->16412 16414 7ff651743fac 16412->16414 16415 7ff651742770 53 API calls 16413->16415 16416 7ff651749640 14 API calls 16414->16416 16415->16417 16418 7ff651743fc0 16416->16418 16417->16414 16870 7ff651749750 16417->16870 16419 7ff651743fe5 __std_exception_destroy 16418->16419 16420 7ff6517440bc 16418->16420 16422 7ff651742770 53 API calls 16419->16422 16421 7ff651742960 56 API calls 16420->16421 16421->16475 16423 7ff651744010 16422->16423 16424 7ff651749750 40 API calls 16423->16424 16439 7ff651744038 16423->16439 16424->16439 16425 7ff651749640 14 API calls 16426 7ff651744183 __std_exception_destroy 16425->16426 16427 7ff6517441bd 16426->16427 16428 7ff6517442f4 16426->16428 16430 7ff6517441c9 16427->16430 16431 7ff651744258 16427->16431 16877 7ff651744b70 16428->16877 16434 7ff651742770 53 API calls 16430->16434 16432 7ff651742770 53 API calls 16431->16432 16436 7ff651744278 16432->16436 16433 7ff651744301 16437 7ff651744317 16433->16437 16438 7ff651744323 16433->16438 16435 7ff6517441d5 16434->16435 16440 7ff651742770 53 API calls 16435->16440 16441 7ff651749640 14 API calls 16436->16441 16880 7ff651744cc0 16437->16880 16443 7ff651741cc0 49 API calls 16438->16443 16439->16425 16444 7ff6517441e1 16440->16444 16445 7ff651744284 16441->16445 16465 7ff651744253 __std_exception_destroy 16443->16465 16695 7ff651749e70 16444->16695 16448 7ff6517442de 16445->16448 16452 7ff651744291 16445->16452 16446 7ff651742770 53 API calls 16449 7ff651744348 16446->16449 16451 7ff651742960 56 API calls 16448->16451 16453 7ff6517443b5 16449->16453 16461 7ff651744366 SetDllDirectoryW 16449->16461 16451->16475 16456 7ff651741cc0 49 API calls 16452->16456 16751 7ff65174a220 16453->16751 16454 7ff651744208 16458 7ff651742770 53 API calls 16454->16458 16455 7ff6517441f2 16457 7ff651742960 56 API calls 16455->16457 16460 7ff6517442af 16456->16460 16457->16475 16462 7ff65174421b 16458->16462 16464 7ff6517442b6 16460->16464 16460->16465 16466 7ff651742880 50 API calls 16461->16466 16714 7ff651749450 16462->16714 16463 7ff6517443c8 16468 7ff6517443cd 16463->16468 16469 7ff6517443e3 16463->16469 16470 7ff651742960 56 API calls 16464->16470 16465->16446 16472 7ff651744381 LoadLibraryExW 16466->16472 16474 7ff651742960 56 API calls 16468->16474 16756 7ff651742880 16469->16756 16470->16475 16477 7ff6517443a9 16472->16477 16474->16475 17013 7ff65174d3e0 16475->17013 16483 7ff651742880 50 API calls 16477->16483 16478 7ff651744227 16484 7ff651742960 56 API calls 16478->16484 16479 7ff65174423d 16480 7ff651742770 53 API calls 16479->16480 16480->16465 16481 7ff65174441d 16485 7ff651749640 14 API calls 16481->16485 16482 7ff651744411 16486 7ff651742770 53 API calls 16482->16486 16483->16453 16484->16475 16490 7ff651744429 __std_exception_destroy 16485->16490 16525 7ff65174446c 16486->16525 16487 7ff65174458c 16488 7ff6517445b8 16487->16488 16489 7ff651744595 PostMessageW GetMessageW 16487->16489 16992 7ff6517435e0 16488->16992 16489->16488 16493 7ff651744451 16490->16493 16494 7ff65174446e 16490->16494 16491 7ff6517444c6 16765 7ff651743970 16491->16765 16497 7ff651742770 53 API calls 16493->16497 16495 7ff651744476 16494->16495 16496 7ff651744493 16494->16496 16498 7ff651742770 53 API calls 16495->16498 16496->16482 16502 7ff6517444d7 16496->16502 16500 7ff65174445d 16497->16500 16503 7ff651744482 16498->16503 16501 7ff651749750 40 API calls 16500->16501 16501->16525 16505 7ff651742770 53 API calls 16502->16505 16506 7ff651749750 40 API calls 16503->16506 16504 7ff6517445c8 17006 7ff651743910 16504->17006 16508 7ff6517444e3 16505->16508 16506->16525 16883 7ff6517475e0 16508->16883 16511 7ff6517477e0 54 API calls 16513 7ff6517445de 16511->16513 16516 7ff651742770 53 API calls 16513->16516 16515 7ff6517444fd 16517 7ff651742770 53 API calls 16515->16517 16530 7ff651744501 16515->16530 16516->16475 16519 7ff651744516 16517->16519 16521 7ff651744536 16519->16521 16524 7ff651742770 53 API calls 16519->16524 16521->16530 16525->16487 16525->16491 16530->16525 16949 7ff651742cb0 16530->16949 16532 7ff65175a9d3 16531->16532 16533 7ff65175a9f4 16531->16533 16532->16329 19479 7ff65175b268 16533->19479 16536 7ff65174e148 GetModuleHandleW 16537 7ff65174e159 16536->16537 16537->16337 16539 7ff65174de31 16538->16539 16540 7ff65174dbf0 16539->16540 16541 7ff65174e718 7 API calls 16539->16541 16540->16327 16541->16540 16543 7ff65174dfe2 _isindst __scrt_get_show_window_mode 16542->16543 16544 7ff65174e001 RtlCaptureContext RtlLookupFunctionEntry 16543->16544 16545 7ff65174e02a RtlVirtualUnwind 16544->16545 16546 7ff65174e066 __scrt_get_show_window_mode 16544->16546 16545->16546 16547 7ff65174e098 IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter 16546->16547 16548 7ff65174e0e6 _isindst 16547->16548 16548->16325 16550 7ff65174e72a 16549->16550 16551 7ff65174e720 16549->16551 16550->16345 16555 7ff65174eab4 16551->16555 16556 7ff65174eac3 16555->16556 16557 7ff65174e725 16555->16557 16563 7ff65174ecf0 16556->16563 16559 7ff65174eb20 16557->16559 16560 7ff65174eb4b 16559->16560 16561 7ff65174eb2e DeleteCriticalSection 16560->16561 16562 7ff65174eb4f 16560->16562 16561->16560 16562->16550 16567 7ff65174eb58 16563->16567 16573 7ff65174ec42 TlsFree 16567->16573 16574 7ff65174eb9c __vcrt_FlsAlloc 16567->16574 16568 7ff65174ebca LoadLibraryExW 16570 7ff65174ebeb GetLastError 16568->16570 16571 7ff65174ec69 16568->16571 16569 7ff65174ec89 GetProcAddress 16569->16573 16570->16574 16571->16569 16572 7ff65174ec80 FreeLibrary 16571->16572 16572->16569 16574->16568 16574->16569 16574->16573 16575 7ff65174ec0d LoadLibraryExW 16574->16575 16575->16571 16575->16574 16577 7ff65176b350 16576->16577 16577->16348 16577->16577 16581 7ff651760310 16578->16581 16579 7ff651760363 17022 7ff65175b6a4 16579->17022 16581->16579 16582 7ff6517603b6 16581->16582 17032 7ff6517601e8 16582->17032 16584 7ff65176038c 16584->16352 16586 7ff651742794 16585->16586 16587 7ff651741cc0 49 API calls 16586->16587 16588 7ff6517427e5 16587->16588 17139 7ff651755814 16588->17139 16591 7ff65174a220 2 API calls 16592 7ff65174283a 16591->16592 16593 7ff65174284f OutputDebugStringA 16592->16593 16594 7ff65174283f OutputDebugStringW 16592->16594 16595 7ff65174285a 16593->16595 16594->16595 16596 7ff65174d3e0 _log10_special 8 API calls 16595->16596 16597 7ff65174286a 16596->16597 16598 7ff651743b40 16597->16598 17570 7ff65174d6e0 16598->17570 16601 7ff651743b7b GetLastError 17577 7ff651742ec0 16601->17577 16602 7ff651743ba0 17572 7ff65174a110 FindFirstFileExW 16602->17572 16606 7ff651743bb2 16608 7ff651742880 50 API calls 16606->16608 16607 7ff65174d3e0 _log10_special 8 API calls 16610 7ff651743c61 16607->16610 16612 7ff651743bc3 16608->16612 16609 7ff651743c22 17604 7ff65174a2d0 16609->17604 16610->16357 16610->16475 17592 7ff65174a190 CreateFileW 16612->17592 16614 7ff651743c30 16616 7ff651743b96 16614->16616 16619 7ff651742a60 51 API calls 16614->16619 16616->16607 16617 7ff651743bd9 17595 7ff651742a60 16617->17595 16618 7ff651743bf1 __vcrt_FlsAlloc 16618->16609 16619->16616 16623 7ff651742770 53 API calls 16622->16623 16624 7ff651741988 16623->16624 16625 7ff651744c50 108 API calls 16624->16625 16626 7ff651741997 16625->16626 16627 7ff65174199f 16626->16627 16628 7ff6517419b5 16626->16628 16629 7ff651742770 53 API calls 16627->16629 16630 7ff6517488f0 89 API calls 16628->16630 16631 7ff6517419ae 16629->16631 16632 7ff6517419ef 16630->16632 16637 7ff65174d3e0 _log10_special 8 API calls 16631->16637 16633 7ff651741a08 16632->16633 16634 7ff6517419f7 16632->16634 16636 7ff651742770 53 API calls 16633->16636 16635 7ff651742770 53 API calls 16634->16635 16681 7ff651741a03 16635->16681 16638 7ff651741a17 16636->16638 16639 7ff651741c9e 16637->16639 17807 7ff651751564 16638->17807 16639->16365 16639->16366 16641 7ff651741a25 16643 7ff651741a29 16641->16643 16644 7ff651741a48 16641->16644 16642 7ff651750edc 74 API calls 16642->16631 16645 7ff651755d98 _get_daylight 11 API calls 16643->16645 17811 7ff65175122c 16644->17811 16647 7ff651741a2e 16645->16647 17814 7ff651742b70 16647->17814 16650 7ff651741a66 16651 7ff651755d98 _get_daylight 11 API calls 16650->16651 16653 7ff651741a6b 16651->16653 16652 7ff651741a85 16655 7ff651741a9c 16652->16655 16656 7ff651741abb 16652->16656 16654 7ff651742b70 56 API calls 16653->16654 16654->16681 16657 7ff651755d98 _get_daylight 11 API calls 16655->16657 16658 7ff651741cc0 49 API calls 16656->16658 16659 7ff651741aa1 16657->16659 16660 7ff651741ad2 16658->16660 16661 7ff651742b70 56 API calls 16659->16661 16662 7ff651741cc0 49 API calls 16660->16662 16661->16681 16663 7ff651741b1d 16662->16663 16664 7ff651751564 73 API calls 16663->16664 16665 7ff651741b41 16664->16665 16666 7ff651741b56 16665->16666 16667 7ff651741b75 16665->16667 16668 7ff651755d98 _get_daylight 11 API calls 16666->16668 16669 7ff65175122c _fread_nolock 53 API calls 16667->16669 16670 7ff651741b5b 16668->16670 16671 7ff651741b8a 16669->16671 16672 7ff651742b70 56 API calls 16670->16672 16673 7ff651741b90 16671->16673 16674 7ff651741baf 16671->16674 16672->16681 16676 7ff651755d98 _get_daylight 11 API calls 16673->16676 17829 7ff651750fa0 16674->17829 16678 7ff651741b95 16676->16678 16679 7ff651742b70 56 API calls 16678->16679 16679->16681 16680 7ff651742960 56 API calls 16680->16681 16681->16642 16683 7ff65174964a 16682->16683 16684 7ff65174a220 2 API calls 16683->16684 16685 7ff651749669 GetEnvironmentVariableW 16684->16685 16686 7ff651749686 ExpandEnvironmentStringsW 16685->16686 16687 7ff6517496d2 16685->16687 16686->16687 16689 7ff6517496a8 16686->16689 16688 7ff65174d3e0 _log10_special 8 API calls 16687->16688 16690 7ff6517496e4 16688->16690 16691 7ff65174a2d0 2 API calls 16689->16691 16690->16390 16692 7ff6517496ba 16691->16692 16693 7ff65174d3e0 _log10_special 8 API calls 16692->16693 16694 7ff6517496ca 16693->16694 16694->16390 16696 7ff651749e85 16695->16696 17891 7ff651749360 GetCurrentProcess OpenProcessToken 16696->17891 16699 7ff651749360 7 API calls 16700 7ff651749eb1 16699->16700 16701 7ff651749eca 16700->16701 16702 7ff651749ee4 16700->16702 16703 7ff651742710 48 API calls 16701->16703 16704 7ff651742710 48 API calls 16702->16704 16705 7ff651749ee2 16703->16705 16706 7ff651749ef7 LocalFree LocalFree 16704->16706 16705->16706 16707 7ff651749f23 16706->16707 16708 7ff651749f13 16706->16708 16710 7ff651742880 50 API calls 16707->16710 17901 7ff651742db0 16708->17901 16711 7ff651749f1f 16710->16711 16712 7ff65174d3e0 _log10_special 8 API calls 16711->16712 16713 7ff6517441e6 16712->16713 16713->16454 16713->16455 16715 7ff651749468 16714->16715 16716 7ff65174948c 16715->16716 16717 7ff6517494f6 GetTempPathW 16715->16717 16718 7ff651749640 14 API calls 16716->16718 16719 7ff651742880 50 API calls 16717->16719 16721 7ff651749498 16718->16721 16720 7ff651749517 GetCurrentProcessId 16719->16720 17910 7ff651742600 16720->17910 17917 7ff651748c50 16721->17917 16725 7ff651749535 __std_exception_destroy 16740 7ff651749575 __std_exception_destroy 16725->16740 17914 7ff6517599f8 16725->17914 16726 7ff6517494d8 __std_exception_destroy 16750 7ff6517495e4 __std_exception_destroy 16726->16750 16729 7ff6517494be __std_exception_destroy 16734 7ff6517494ea 16729->16734 16735 7ff6517494cc 16729->16735 16732 7ff65174d3e0 _log10_special 8 API calls 16736 7ff651744223 16732->16736 16739 7ff651742880 50 API calls 16734->16739 16738 7ff651742a60 51 API calls 16735->16738 16736->16478 16736->16479 16738->16726 16739->16717 16742 7ff65174a220 2 API calls 16740->16742 16740->16750 16743 7ff6517495c1 16742->16743 16744 7ff6517495c6 16743->16744 16745 7ff6517495f9 16743->16745 16747 7ff65174a220 2 API calls 16744->16747 16746 7ff6517590c8 38 API calls 16745->16746 16746->16750 16748 7ff6517495d6 16747->16748 16749 7ff6517590c8 38 API calls 16748->16749 16749->16750 16750->16732 16752 7ff65174a242 MultiByteToWideChar 16751->16752 16755 7ff65174a266 16751->16755 16754 7ff65174a27c __std_exception_destroy 16752->16754 16752->16755 16753 7ff65174a283 MultiByteToWideChar 16753->16754 16754->16463 16755->16753 16755->16754 16757 7ff65174d6e0 16756->16757 16758 7ff6517428a4 GetCurrentProcessId 16757->16758 16759 7ff651742710 48 API calls 16758->16759 16760 7ff6517428f5 16759->16760 16761 7ff651755a68 48 API calls 16760->16761 16762 7ff651742933 OutputDebugStringW 16761->16762 16763 7ff65174d3e0 _log10_special 8 API calls 16762->16763 16764 7ff65174294e SetDllDirectoryW 16763->16764 16764->16481 16764->16482 16766 7ff651742770 53 API calls 16765->16766 16767 7ff651743989 16766->16767 18215 7ff651743660 16767->18215 16770 7ff6517439b1 18234 7ff651749e50 LocalFree 16770->18234 16771 7ff651743995 16772 7ff651742770 53 API calls 16771->16772 16774 7ff6517439a1 16772->16774 16774->16475 16817 7ff651741ce5 16816->16817 16818 7ff651755814 49 API calls 16817->16818 16819 7ff651741d08 16818->16819 16819->16370 16821 7ff65174a220 2 API calls 16820->16821 16822 7ff6517497c4 16821->16822 16823 7ff6517590c8 38 API calls 16822->16823 16824 7ff6517497d6 __std_exception_destroy 16823->16824 16824->16393 16826 7ff651744c5c 16825->16826 16827 7ff65174a220 2 API calls 16826->16827 16828 7ff651744c84 16827->16828 16829 7ff65174a220 2 API calls 16828->16829 16830 7ff651744c97 16829->16830 18551 7ff651756e24 16830->18551 16833 7ff65174d3e0 _log10_special 8 API calls 16834 7ff651743e46 16833->16834 16834->16375 16835 7ff6517488f0 16834->16835 16836 7ff651748914 16835->16836 16837 7ff65174891c 16836->16837 16838 7ff651748932 16836->16838 16839 7ff651742770 53 API calls 16837->16839 16840 7ff651751564 73 API calls 16838->16840 16853 7ff65174892d __std_exception_destroy 16839->16853 16841 7ff651748942 16840->16841 16842 7ff651748946 16841->16842 16843 7ff651748957 16841->16843 16845 7ff651742770 53 API calls 16842->16845 18942 7ff651758758 16843->18942 16845->16853 16846 7ff651748964 16847 7ff65174896c 16846->16847 16854 7ff65174897d 16846->16854 16848 7ff651742770 53 API calls 16847->16848 16848->16853 16849 7ff651751564 73 API calls 16849->16854 16850 7ff651748a26 16852 7ff651742770 53 API calls 16850->16852 16851 7ff65175122c _fread_nolock 53 API calls 16851->16854 16852->16853 16853->16381 16854->16849 16854->16850 16854->16851 16854->16853 16856 7ff651750f0c 16855->16856 18957 7ff651750cb8 16856->18957 16858 7ff651750f25 16858->16375 16860 7ff65174d6e0 16859->16860 16861 7ff651742984 GetCurrentProcessId 16860->16861 16862 7ff651741cc0 49 API calls 16861->16862 16863 7ff6517429d7 16862->16863 16864 7ff651755814 49 API calls 16863->16864 16865 7ff651742a1f 16864->16865 16866 7ff651742660 14 API calls 16865->16866 16867 7ff651742a41 16866->16867 16868 7ff65174d3e0 _log10_special 8 API calls 16867->16868 16869 7ff651742a51 16868->16869 16869->16475 16871 7ff65174a220 2 API calls 16870->16871 16872 7ff65174976c 16871->16872 16873 7ff65174a220 2 API calls 16872->16873 16874 7ff65174977c 16873->16874 16875 7ff6517590c8 38 API calls 16874->16875 16876 7ff65174978a __std_exception_destroy 16875->16876 16876->16399 16878 7ff651741cc0 49 API calls 16877->16878 16879 7ff651744b8d 16878->16879 16879->16433 16881 7ff651741cc0 49 API calls 16880->16881 16882 7ff651744cf0 16881->16882 16882->16465 16884 7ff6517475f5 16883->16884 16885 7ff6517444e8 16884->16885 16886 7ff651755d98 _get_daylight 11 API calls 16884->16886 16889 7ff651747c80 16885->16889 16887 7ff651747602 16886->16887 16888 7ff651742b70 56 API calls 16887->16888 16888->16885 18968 7ff651741470 16889->18968 16891 7ff651747ca8 16892 7ff651744cc0 49 API calls 16891->16892 16898 7ff651747df9 __std_exception_destroy 16891->16898 16893 7ff651747cca 16892->16893 16894 7ff651744cc0 49 API calls 16893->16894 16897 7ff651747ccf 16893->16897 16895 7ff651747cee 16894->16895 16895->16897 16896 7ff651742cb0 56 API calls 16896->16898 16897->16896 16898->16515 19078 7ff651746a60 16992->19078 16995 7ff651743648 16995->16504 19469 7ff6517466b0 17006->19469 17009 7ff651743940 17009->16511 17010 7ff651742770 53 API calls 17011 7ff651743934 17010->17011 19473 7ff651749de0 FreeLibrary 17011->19473 17014 7ff65174d3e9 17013->17014 17015 7ff651744638 17014->17015 17016 7ff65174d770 IsProcessorFeaturePresent 17014->17016 17015->16536 17017 7ff65174d788 17016->17017 19474 7ff65174d968 RtlCaptureContext 17017->19474 17039 7ff65175b3ec 17022->17039 17025 7ff65175b6df 17025->16584 17138 7ff6517562fc EnterCriticalSection 17032->17138 17040 7ff65175b408 GetLastError 17039->17040 17041 7ff65175b443 17039->17041 17042 7ff65175b418 17040->17042 17041->17025 17045 7ff65175b458 17041->17045 17052 7ff65175c220 17042->17052 17046 7ff65175b48c 17045->17046 17047 7ff65175b474 GetLastError SetLastError 17045->17047 17046->17025 17048 7ff65175b790 IsProcessorFeaturePresent 17046->17048 17047->17046 17049 7ff65175b7a3 17048->17049 17130 7ff65175b4a4 17049->17130 17053 7ff65175c25a FlsSetValue 17052->17053 17054 7ff65175c23f FlsGetValue 17052->17054 17056 7ff65175c267 17053->17056 17057 7ff65175b433 SetLastError 17053->17057 17055 7ff65175c254 17054->17055 17054->17057 17055->17053 17069 7ff65175fa28 17056->17069 17057->17041 17060 7ff65175c294 FlsSetValue 17062 7ff65175c2b2 17060->17062 17063 7ff65175c2a0 FlsSetValue 17060->17063 17061 7ff65175c284 FlsSetValue 17064 7ff65175c28d 17061->17064 17082 7ff65175bd84 17062->17082 17063->17064 17076 7ff65175b7d8 17064->17076 17074 7ff65175fa39 _get_daylight 17069->17074 17070 7ff65175fa8a 17090 7ff651755d98 17070->17090 17071 7ff65175fa6e HeapAlloc 17072 7ff65175c276 17071->17072 17071->17074 17072->17060 17072->17061 17074->17070 17074->17071 17087 7ff651764420 17074->17087 17077 7ff65175b7dd RtlFreeHeap 17076->17077 17078 7ff65175b80c 17076->17078 17077->17078 17079 7ff65175b7f8 GetLastError 17077->17079 17078->17057 17080 7ff65175b805 __free_lconv_mon 17079->17080 17081 7ff651755d98 _get_daylight 9 API calls 17080->17081 17081->17078 17116 7ff65175bc5c 17082->17116 17093 7ff651764460 17087->17093 17099 7ff65175c158 GetLastError 17090->17099 17092 7ff651755da1 17092->17072 17098 7ff651761168 EnterCriticalSection 17093->17098 17100 7ff65175c199 FlsSetValue 17099->17100 17106 7ff65175c17c 17099->17106 17101 7ff65175c1ab 17100->17101 17105 7ff65175c189 17100->17105 17102 7ff65175fa28 _get_daylight 5 API calls 17101->17102 17104 7ff65175c1ba 17102->17104 17103 7ff65175c205 SetLastError 17103->17092 17107 7ff65175c1d8 FlsSetValue 17104->17107 17108 7ff65175c1c8 FlsSetValue 17104->17108 17105->17103 17106->17100 17106->17105 17110 7ff65175c1f6 17107->17110 17111 7ff65175c1e4 FlsSetValue 17107->17111 17109 7ff65175c1d1 17108->17109 17112 7ff65175b7d8 __free_lconv_mon 5 API calls 17109->17112 17113 7ff65175bd84 _get_daylight 5 API calls 17110->17113 17111->17109 17112->17105 17114 7ff65175c1fe 17113->17114 17115 7ff65175b7d8 __free_lconv_mon 5 API calls 17114->17115 17115->17103 17128 7ff651761168 EnterCriticalSection 17116->17128 17131 7ff65175b4de _isindst __scrt_get_show_window_mode 17130->17131 17132 7ff65175b506 RtlCaptureContext RtlLookupFunctionEntry 17131->17132 17133 7ff65175b576 IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter 17132->17133 17134 7ff65175b540 RtlVirtualUnwind 17132->17134 17135 7ff65175b5c8 _isindst 17133->17135 17134->17133 17136 7ff65174d3e0 _log10_special 8 API calls 17135->17136 17137 7ff65175b5e7 GetCurrentProcess TerminateProcess 17136->17137 17142 7ff65175586e 17139->17142 17140 7ff651755893 17141 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17140->17141 17145 7ff6517558bd 17141->17145 17142->17140 17143 7ff6517558cf 17142->17143 17157 7ff651753aa0 17143->17157 17146 7ff65174d3e0 _log10_special 8 API calls 17145->17146 17148 7ff651742822 17146->17148 17147 7ff65175b7d8 __free_lconv_mon 11 API calls 17147->17145 17148->16591 17150 7ff6517559d0 17152 7ff6517559ac 17150->17152 17153 7ff6517559da 17150->17153 17151 7ff651755978 17151->17152 17156 7ff651755981 17151->17156 17152->17147 17155 7ff65175b7d8 __free_lconv_mon 11 API calls 17153->17155 17154 7ff65175b7d8 __free_lconv_mon 11 API calls 17154->17145 17155->17145 17156->17154 17158 7ff651753ade 17157->17158 17163 7ff651753ace 17157->17163 17159 7ff651753ae7 17158->17159 17165 7ff651753b15 17158->17165 17162 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17159->17162 17160 7ff651753b0d 17160->17150 17160->17151 17160->17152 17160->17156 17161 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17161->17160 17162->17160 17163->17161 17165->17160 17165->17163 17167 7ff651753dc4 17165->17167 17171 7ff651754430 17165->17171 17197 7ff6517540f8 17165->17197 17227 7ff651753980 17165->17227 17230 7ff651755650 17165->17230 17169 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17167->17169 17169->17163 17172 7ff651754472 17171->17172 17173 7ff6517544e5 17171->17173 17174 7ff651754478 17172->17174 17175 7ff65175450f 17172->17175 17176 7ff6517544ea 17173->17176 17177 7ff65175453f 17173->17177 17182 7ff65175447d 17174->17182 17188 7ff65175454e 17174->17188 17254 7ff6517529e0 17175->17254 17178 7ff6517544ec 17176->17178 17179 7ff65175451f 17176->17179 17177->17175 17177->17188 17195 7ff6517544a8 17177->17195 17181 7ff65175448d 17178->17181 17187 7ff6517544fb 17178->17187 17261 7ff6517525d0 17179->17261 17196 7ff65175457d 17181->17196 17236 7ff651754d94 17181->17236 17182->17181 17185 7ff6517544c0 17182->17185 17182->17195 17185->17196 17246 7ff651755250 17185->17246 17187->17175 17190 7ff651754500 17187->17190 17188->17196 17268 7ff651752df0 17188->17268 17190->17196 17250 7ff6517553e8 17190->17250 17191 7ff65174d3e0 _log10_special 8 API calls 17193 7ff651754813 17191->17193 17193->17165 17195->17196 17275 7ff65175f6e8 17195->17275 17196->17191 17198 7ff651754119 17197->17198 17199 7ff651754103 17197->17199 17200 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17198->17200 17203 7ff651754157 17198->17203 17201 7ff651754472 17199->17201 17202 7ff6517544e5 17199->17202 17199->17203 17200->17203 17204 7ff651754478 17201->17204 17205 7ff65175450f 17201->17205 17206 7ff6517544ea 17202->17206 17207 7ff65175453f 17202->17207 17203->17165 17212 7ff65175447d 17204->17212 17218 7ff65175454e 17204->17218 17210 7ff6517529e0 38 API calls 17205->17210 17208 7ff6517544ec 17206->17208 17209 7ff65175451f 17206->17209 17207->17205 17207->17218 17225 7ff6517544a8 17207->17225 17211 7ff65175448d 17208->17211 17217 7ff6517544fb 17208->17217 17213 7ff6517525d0 38 API calls 17209->17213 17210->17225 17214 7ff651754d94 47 API calls 17211->17214 17226 7ff65175457d 17211->17226 17212->17211 17215 7ff6517544c0 17212->17215 17212->17225 17213->17225 17214->17225 17219 7ff651755250 47 API calls 17215->17219 17215->17226 17216 7ff651752df0 38 API calls 17216->17225 17217->17205 17220 7ff651754500 17217->17220 17218->17216 17218->17226 17219->17225 17222 7ff6517553e8 37 API calls 17220->17222 17220->17226 17221 7ff65174d3e0 _log10_special 8 API calls 17223 7ff651754813 17221->17223 17222->17225 17223->17165 17224 7ff65175f6e8 47 API calls 17224->17225 17225->17224 17225->17226 17226->17221 17472 7ff651751ba4 17227->17472 17231 7ff651755667 17230->17231 17489 7ff65175e848 17231->17489 17237 7ff651754db6 17236->17237 17285 7ff651751a10 17237->17285 17242 7ff651755650 45 API calls 17243 7ff651754ef3 17242->17243 17244 7ff651755650 45 API calls 17243->17244 17245 7ff651754f7c 17243->17245 17244->17245 17245->17195 17247 7ff651755268 17246->17247 17249 7ff6517552d0 17246->17249 17248 7ff65175f6e8 47 API calls 17247->17248 17247->17249 17248->17249 17249->17195 17251 7ff651755409 17250->17251 17252 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17251->17252 17253 7ff65175543a 17251->17253 17252->17253 17253->17195 17255 7ff651752a13 17254->17255 17256 7ff651752a42 17255->17256 17258 7ff651752aff 17255->17258 17257 7ff651751a10 12 API calls 17256->17257 17260 7ff651752a7f 17256->17260 17257->17260 17259 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17258->17259 17259->17260 17260->17195 17262 7ff651752603 17261->17262 17263 7ff651752632 17262->17263 17265 7ff6517526ef 17262->17265 17264 7ff651751a10 12 API calls 17263->17264 17267 7ff65175266f 17263->17267 17264->17267 17266 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17265->17266 17266->17267 17267->17195 17270 7ff651752e23 17268->17270 17269 7ff651752e52 17271 7ff651751a10 12 API calls 17269->17271 17274 7ff651752e8f 17269->17274 17270->17269 17272 7ff651752f0f 17270->17272 17271->17274 17273 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17272->17273 17273->17274 17274->17195 17277 7ff65175f710 17275->17277 17276 7ff65175f755 17280 7ff65175f715 __scrt_get_show_window_mode 17276->17280 17281 7ff65175f73e __scrt_get_show_window_mode 17276->17281 17469 7ff651761678 17276->17469 17277->17276 17279 7ff651755650 45 API calls 17277->17279 17277->17280 17277->17281 17278 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17278->17280 17279->17276 17280->17195 17281->17278 17281->17280 17286 7ff651751a36 17285->17286 17287 7ff651751a47 17285->17287 17293 7ff65175f400 17286->17293 17287->17286 17315 7ff65175e48c 17287->17315 17290 7ff651751a88 17292 7ff65175b7d8 __free_lconv_mon 11 API calls 17290->17292 17291 7ff65175b7d8 __free_lconv_mon 11 API calls 17291->17290 17292->17286 17294 7ff65175f41d 17293->17294 17295 7ff65175f450 17293->17295 17296 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17294->17296 17295->17294 17297 7ff65175f482 17295->17297 17306 7ff651754ed1 17296->17306 17301 7ff65175f595 17297->17301 17310 7ff65175f4ca 17297->17310 17298 7ff65175f687 17355 7ff65175e8ec 17298->17355 17300 7ff65175f64d 17348 7ff65175ec84 17300->17348 17301->17298 17301->17300 17302 7ff65175f61c 17301->17302 17304 7ff65175f5df 17301->17304 17307 7ff65175f5d5 17301->17307 17341 7ff65175ef64 17302->17341 17331 7ff65175f194 17304->17331 17306->17242 17306->17243 17307->17300 17309 7ff65175f5da 17307->17309 17309->17302 17309->17304 17310->17306 17322 7ff65175b334 17310->17322 17313 7ff65175b790 _isindst 17 API calls 17314 7ff65175f6e4 17313->17314 17316 7ff65175e4d7 17315->17316 17320 7ff65175e49b _get_daylight 17315->17320 17318 7ff651755d98 _get_daylight 11 API calls 17316->17318 17317 7ff65175e4be HeapAlloc 17319 7ff651751a74 17317->17319 17317->17320 17318->17319 17319->17290 17319->17291 17320->17316 17320->17317 17321 7ff651764420 _get_daylight 2 API calls 17320->17321 17321->17320 17323 7ff65175b341 17322->17323 17325 7ff65175b34b 17322->17325 17323->17325 17329 7ff65175b366 17323->17329 17324 7ff651755d98 _get_daylight 11 API calls 17326 7ff65175b352 17324->17326 17325->17324 17364 7ff65175b770 17326->17364 17328 7ff65175b35e 17328->17306 17328->17313 17329->17328 17330 7ff651755d98 _get_daylight 11 API calls 17329->17330 17330->17326 17371 7ff651764f3c 17331->17371 17335 7ff65175f23c 17336 7ff65175f291 17335->17336 17338 7ff65175f25c 17335->17338 17340 7ff65175f240 17335->17340 17424 7ff65175ed80 17336->17424 17420 7ff65175f03c 17338->17420 17340->17306 17342 7ff651764f3c 38 API calls 17341->17342 17343 7ff65175efae 17342->17343 17344 7ff651764984 37 API calls 17343->17344 17345 7ff65175effe 17344->17345 17346 7ff65175f03c 45 API calls 17345->17346 17347 7ff65175f002 17345->17347 17346->17347 17347->17306 17349 7ff651764f3c 38 API calls 17348->17349 17350 7ff65175eccf 17349->17350 17351 7ff651764984 37 API calls 17350->17351 17352 7ff65175ed27 17351->17352 17353 7ff65175ed2b 17352->17353 17354 7ff65175ed80 45 API calls 17352->17354 17353->17306 17354->17353 17356 7ff65175e964 17355->17356 17357 7ff65175e931 17355->17357 17359 7ff65175e97c 17356->17359 17361 7ff65175e9fd 17356->17361 17358 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17357->17358 17363 7ff65175e95d __scrt_get_show_window_mode 17358->17363 17360 7ff65175ec84 46 API calls 17359->17360 17360->17363 17362 7ff651755650 45 API calls 17361->17362 17361->17363 17362->17363 17363->17306 17367 7ff65175b608 17364->17367 17366 7ff65175b789 17366->17328 17368 7ff65175b633 17367->17368 17369 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17368->17369 17370 7ff65175b65a 17369->17370 17370->17366 17372 7ff651764f8f fegetenv 17371->17372 17435 7ff651768cbc 17372->17435 17374 7ff65176500f 17378 7ff65175b334 __std_exception_copy 37 API calls 17374->17378 17375 7ff6517650d2 17377 7ff651768cbc 37 API calls 17375->17377 17376 7ff651764fe2 17376->17375 17381 7ff6517650ac 17376->17381 17382 7ff651764ffd 17376->17382 17379 7ff6517650fc 17377->17379 17380 7ff65176508d 17378->17380 17383 7ff651768cbc 37 API calls 17379->17383 17385 7ff6517661b4 17380->17385 17390 7ff651765095 17380->17390 17386 7ff65175b334 __std_exception_copy 37 API calls 17381->17386 17382->17374 17382->17375 17384 7ff65176510d 17383->17384 17441 7ff651768eb0 17384->17441 17388 7ff65175b790 _isindst 17 API calls 17385->17388 17386->17380 17389 7ff6517661c9 17388->17389 17391 7ff65174d3e0 _log10_special 8 API calls 17390->17391 17392 7ff65175f1e1 17391->17392 17416 7ff651764984 17392->17416 17393 7ff65176551f __scrt_get_show_window_mode 17394 7ff651765613 memcpy_s __scrt_get_show_window_mode 17398 7ff65176580b 17394->17398 17409 7ff651755d98 11 API calls _get_daylight 17394->17409 17413 7ff65175b770 37 API calls _invalid_parameter_noinfo 17394->17413 17395 7ff65176585f 17459 7ff651764aa0 17395->17459 17398->17395 17398->17398 17450 7ff6517661cc 17398->17450 17399 7ff6517651b7 memcpy_s 17399->17394 17410 7ff651765afb memcpy_s __scrt_get_show_window_mode 17399->17410 17400 7ff651765176 __scrt_get_show_window_mode 17400->17393 17400->17399 17402 7ff651755d98 _get_daylight 11 API calls 17400->17402 17404 7ff6517655f0 17402->17404 17403 7ff651766158 17407 7ff651768cbc 37 API calls 17403->17407 17405 7ff65175b770 _invalid_parameter_noinfo 37 API calls 17404->17405 17405->17399 17406 7ff6517661cc memcpy_s 37 API calls 17415 7ff651765fd2 17406->17415 17407->17390 17408 7ff651755d98 11 API calls _get_daylight 17408->17410 17409->17394 17410->17395 17410->17398 17410->17408 17412 7ff65175b770 37 API calls _invalid_parameter_noinfo 17410->17412 17411 7ff651764aa0 37 API calls 17411->17415 17412->17410 17413->17394 17414 7ff6517661cc memcpy_s 37 API calls 17414->17415 17415->17403 17415->17411 17415->17414 17417 7ff6517649a3 17416->17417 17418 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17417->17418 17419 7ff6517649ce memcpy_s 17417->17419 17418->17419 17419->17335 17421 7ff65175f068 memcpy_s 17420->17421 17422 7ff651755650 45 API calls 17421->17422 17423 7ff65175f122 memcpy_s __scrt_get_show_window_mode 17421->17423 17422->17423 17423->17340 17423->17423 17425 7ff65175edbb 17424->17425 17429 7ff65175ee08 memcpy_s 17424->17429 17426 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17425->17426 17427 7ff65175ede7 17426->17427 17427->17340 17428 7ff65175ee73 17430 7ff65175b334 __std_exception_copy 37 API calls 17428->17430 17429->17428 17431 7ff651755650 45 API calls 17429->17431 17432 7ff65175eeb5 memcpy_s 17430->17432 17431->17428 17433 7ff65175b790 _isindst 17 API calls 17432->17433 17434 7ff65175ef60 17433->17434 17436 7ff651768cd9 17435->17436 17440 7ff651768cfa 17435->17440 17437 7ff651755d98 _get_daylight 11 API calls 17436->17437 17438 7ff651768cee 17437->17438 17439 7ff65175b770 _invalid_parameter_noinfo 37 API calls 17438->17439 17439->17440 17440->17376 17442 7ff6517691b0 17441->17442 17444 7ff651768ec7 17441->17444 17443 7ff651769160 17448 7ff65176a470 _log10_special 20 API calls 17443->17448 17449 7ff651769156 17443->17449 17444->17443 17445 7ff651768f2f 17444->17445 17446 7ff651769142 17444->17446 17445->17400 17447 7ff65176a470 _log10_special 20 API calls 17446->17447 17447->17449 17448->17449 17449->17400 17453 7ff6517661ed __scrt_get_show_window_mode 17450->17453 17454 7ff6517661e9 memcpy_s 17450->17454 17451 7ff6517661f2 17452 7ff651755d98 _get_daylight 11 API calls 17451->17452 17455 7ff6517661f7 17452->17455 17453->17451 17453->17454 17456 7ff65176622d 17453->17456 17454->17395 17457 7ff65175b770 _invalid_parameter_noinfo 37 API calls 17455->17457 17456->17454 17458 7ff651755d98 _get_daylight 11 API calls 17456->17458 17457->17454 17458->17455 17460 7ff651764ac8 17459->17460 17466 7ff651764b0b 17459->17466 17461 7ff651764aec 17460->17461 17462 7ff651764b12 17460->17462 17460->17466 17463 7ff6517661cc memcpy_s 37 API calls 17461->17463 17464 7ff651764b17 17462->17464 17465 7ff651764b54 17462->17465 17463->17466 17467 7ff6517661cc memcpy_s 37 API calls 17464->17467 17468 7ff6517661cc memcpy_s 37 API calls 17465->17468 17466->17406 17466->17415 17467->17466 17468->17466 17471 7ff65176169c WideCharToMultiByte 17469->17471 17473 7ff651751be3 17472->17473 17474 7ff651751bd1 17472->17474 17476 7ff651751bf0 17473->17476 17481 7ff651751c2d 17473->17481 17475 7ff651755d98 _get_daylight 11 API calls 17474->17475 17477 7ff651751bd6 17475->17477 17478 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17476->17478 17479 7ff65175b770 _invalid_parameter_noinfo 37 API calls 17477->17479 17486 7ff651751be1 17478->17486 17479->17486 17480 7ff651751cd6 17483 7ff651755d98 _get_daylight 11 API calls 17480->17483 17480->17486 17481->17480 17482 7ff651755d98 _get_daylight 11 API calls 17481->17482 17484 7ff651751ccb 17482->17484 17485 7ff651751d80 17483->17485 17487 7ff65175b770 _invalid_parameter_noinfo 37 API calls 17484->17487 17488 7ff65175b770 _invalid_parameter_noinfo 37 API calls 17485->17488 17486->17165 17487->17480 17488->17486 17490 7ff65175568f 17489->17490 17491 7ff65175e861 17489->17491 17493 7ff65175e8b4 17490->17493 17491->17490 17497 7ff651764194 17491->17497 17494 7ff65175e8cd 17493->17494 17496 7ff65175569f 17493->17496 17494->17496 17567 7ff6517634e0 17494->17567 17496->17165 17509 7ff65175bfe0 GetLastError 17497->17509 17500 7ff6517641ee 17500->17490 17510 7ff65175c004 FlsGetValue 17509->17510 17511 7ff65175c021 FlsSetValue 17509->17511 17512 7ff65175c01b 17510->17512 17513 7ff65175c011 17510->17513 17511->17513 17514 7ff65175c033 17511->17514 17512->17511 17515 7ff65175c08d SetLastError 17513->17515 17516 7ff65175fa28 _get_daylight 11 API calls 17514->17516 17517 7ff65175c09a 17515->17517 17518 7ff65175c0ad 17515->17518 17519 7ff65175c042 17516->17519 17517->17500 17531 7ff651761168 EnterCriticalSection 17517->17531 17532 7ff65175b394 17518->17532 17521 7ff65175c060 FlsSetValue 17519->17521 17522 7ff65175c050 FlsSetValue 17519->17522 17524 7ff65175c06c FlsSetValue 17521->17524 17525 7ff65175c07e 17521->17525 17523 7ff65175c059 17522->17523 17527 7ff65175b7d8 __free_lconv_mon 11 API calls 17523->17527 17524->17523 17528 7ff65175bd84 _get_daylight 11 API calls 17525->17528 17527->17513 17529 7ff65175c086 17528->17529 17530 7ff65175b7d8 __free_lconv_mon 11 API calls 17529->17530 17530->17515 17541 7ff6517644e0 17532->17541 17535 7ff65175b3ac 17537 7ff65175b3b5 IsProcessorFeaturePresent 17535->17537 17539 7ff65175b3df _CallSETranslator 17535->17539 17538 7ff65175b3c4 17537->17538 17540 7ff65175b4a4 _isindst 14 API calls 17538->17540 17540->17539 17542 7ff651764498 _CallSETranslator EnterCriticalSection LeaveCriticalSection 17541->17542 17543 7ff65175b39d 17542->17543 17543->17535 17544 7ff651764530 17543->17544 17545 7ff651764560 17544->17545 17548 7ff651764587 17544->17548 17546 7ff65175c158 _get_daylight 11 API calls 17545->17546 17545->17548 17551 7ff651764574 17545->17551 17546->17551 17547 7ff65176465c 17552 7ff651764790 17547->17552 17554 7ff6517646c3 17547->17554 17560 7ff65176468a 17547->17560 17548->17547 17550 7ff651761168 _isindst EnterCriticalSection 17548->17550 17549 7ff6517645c4 17549->17535 17550->17547 17551->17548 17551->17549 17553 7ff651764609 17551->17553 17555 7ff65176479d _CallSETranslator 17552->17555 17558 7ff6517611c8 _isindst LeaveCriticalSection 17552->17558 17556 7ff651755d98 _get_daylight 11 API calls 17553->17556 17557 7ff6517611c8 _isindst LeaveCriticalSection 17554->17557 17566 7ff651764721 17554->17566 17559 7ff65176460e 17556->17559 17557->17566 17558->17555 17561 7ff65175b770 _invalid_parameter_noinfo 37 API calls 17559->17561 17560->17554 17562 7ff65175bfe0 _CallSETranslator 45 API calls 17560->17562 17561->17549 17564 7ff6517646b3 17562->17564 17563 7ff65175bfe0 45 API calls _CallSETranslator 17563->17566 17565 7ff65175bfe0 _CallSETranslator 45 API calls 17564->17565 17565->17554 17566->17563 17568 7ff65175bfe0 _CallSETranslator 45 API calls 17567->17568 17569 7ff6517634e9 17568->17569 17571 7ff651743b4c GetModuleFileNameW 17570->17571 17571->16601 17571->16602 17573 7ff65174a14f FindClose 17572->17573 17574 7ff65174a162 17572->17574 17573->17574 17575 7ff65174d3e0 _log10_special 8 API calls 17574->17575 17576 7ff651743baa 17575->17576 17576->16606 17576->16609 17578 7ff65174d6e0 17577->17578 17579 7ff651742ee0 GetCurrentProcessId 17578->17579 17609 7ff651742710 17579->17609 17581 7ff651742f29 17613 7ff651755a68 17581->17613 17584 7ff651742710 48 API calls 17585 7ff651742fa4 FormatMessageW 17584->17585 17587 7ff651742fdd 17585->17587 17588 7ff651742fef OutputDebugStringW MessageBoxW 17585->17588 17589 7ff651742710 48 API calls 17587->17589 17590 7ff65174d3e0 _log10_special 8 API calls 17588->17590 17589->17588 17591 7ff65174302a 17590->17591 17591->16616 17593 7ff65174a1d0 GetFinalPathNameByHandleW CloseHandle 17592->17593 17594 7ff651743bd5 17592->17594 17593->17594 17594->16617 17594->16618 17596 7ff65174d6e0 17595->17596 17597 7ff651742a84 GetCurrentProcessId 17596->17597 17598 7ff651742710 48 API calls 17597->17598 17599 7ff651742ad7 17598->17599 17600 7ff651755a68 48 API calls 17599->17600 17601 7ff651742b20 OutputDebugStringW MessageBoxW 17600->17601 17602 7ff65174d3e0 _log10_special 8 API calls 17601->17602 17603 7ff651742b5b 17602->17603 17603->16616 17605 7ff65174a2fa WideCharToMultiByte 17604->17605 17606 7ff65174a325 17604->17606 17605->17606 17608 7ff65174a33b __std_exception_destroy 17605->17608 17607 7ff65174a342 WideCharToMultiByte 17606->17607 17606->17608 17607->17608 17608->16614 17610 7ff651742735 17609->17610 17611 7ff651755a68 48 API calls 17610->17611 17612 7ff651742758 17611->17612 17612->17581 17617 7ff651755ac2 17613->17617 17614 7ff651755ae7 17615 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17614->17615 17619 7ff651755b11 17615->17619 17616 7ff651755b23 17631 7ff651753e20 17616->17631 17617->17614 17617->17616 17621 7ff65174d3e0 _log10_special 8 API calls 17619->17621 17620 7ff651755c04 17622 7ff65175b7d8 __free_lconv_mon 11 API calls 17620->17622 17624 7ff651742f74 17621->17624 17622->17619 17624->17584 17625 7ff651755c2a 17625->17620 17627 7ff651755c34 17625->17627 17626 7ff651755bd9 17628 7ff65175b7d8 __free_lconv_mon 11 API calls 17626->17628 17630 7ff65175b7d8 __free_lconv_mon 11 API calls 17627->17630 17628->17619 17629 7ff651755bd0 17629->17620 17629->17626 17630->17619 17632 7ff651753e5e 17631->17632 17633 7ff651753e4e 17631->17633 17634 7ff651753e67 17632->17634 17640 7ff651753e95 17632->17640 17635 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17633->17635 17636 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17634->17636 17637 7ff651753e8d 17635->17637 17636->17637 17637->17620 17637->17625 17637->17626 17637->17629 17640->17633 17640->17637 17642 7ff651754834 17640->17642 17675 7ff651754280 17640->17675 17712 7ff651753a10 17640->17712 17643 7ff651754876 17642->17643 17644 7ff6517548e7 17642->17644 17645 7ff65175487c 17643->17645 17646 7ff651754911 17643->17646 17647 7ff6517548ec 17644->17647 17648 7ff651754940 17644->17648 17649 7ff6517548b0 17645->17649 17650 7ff651754881 17645->17650 17731 7ff651752be4 17646->17731 17651 7ff6517548ee 17647->17651 17652 7ff651754921 17647->17652 17654 7ff651754957 17648->17654 17657 7ff65175494a 17648->17657 17661 7ff65175494f 17648->17661 17655 7ff651754887 17649->17655 17649->17661 17650->17654 17650->17655 17656 7ff651754890 17651->17656 17664 7ff6517548fd 17651->17664 17738 7ff6517527d4 17652->17738 17745 7ff65175553c 17654->17745 17655->17656 17662 7ff6517548c2 17655->17662 17672 7ff6517548ab 17655->17672 17670 7ff651754980 17656->17670 17715 7ff651754fe8 17656->17715 17657->17646 17657->17661 17661->17670 17749 7ff651752ff4 17661->17749 17662->17670 17725 7ff651755324 17662->17725 17664->17646 17666 7ff651754902 17664->17666 17668 7ff6517553e8 37 API calls 17666->17668 17666->17670 17667 7ff65174d3e0 _log10_special 8 API calls 17669 7ff651754c7a 17667->17669 17668->17672 17669->17640 17670->17667 17671 7ff651755650 45 API calls 17674 7ff651754b6c 17671->17674 17672->17670 17672->17671 17672->17674 17674->17670 17756 7ff65175f898 17674->17756 17676 7ff6517542a4 17675->17676 17677 7ff65175428e 17675->17677 17678 7ff6517542e4 17676->17678 17681 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17676->17681 17677->17678 17679 7ff651754876 17677->17679 17680 7ff6517548e7 17677->17680 17678->17640 17682 7ff65175487c 17679->17682 17683 7ff651754911 17679->17683 17684 7ff6517548ec 17680->17684 17685 7ff651754940 17680->17685 17681->17678 17686 7ff6517548b0 17682->17686 17687 7ff651754881 17682->17687 17690 7ff651752be4 38 API calls 17683->17690 17688 7ff6517548ee 17684->17688 17689 7ff651754921 17684->17689 17691 7ff651754957 17685->17691 17694 7ff65175494a 17685->17694 17698 7ff65175494f 17685->17698 17692 7ff651754887 17686->17692 17686->17698 17687->17691 17687->17692 17693 7ff651754890 17688->17693 17701 7ff6517548fd 17688->17701 17696 7ff6517527d4 38 API calls 17689->17696 17708 7ff6517548ab 17690->17708 17695 7ff65175553c 45 API calls 17691->17695 17692->17693 17699 7ff6517548c2 17692->17699 17692->17708 17697 7ff651754fe8 47 API calls 17693->17697 17710 7ff651754980 17693->17710 17694->17683 17694->17698 17695->17708 17696->17708 17697->17708 17700 7ff651752ff4 38 API calls 17698->17700 17698->17710 17702 7ff651755324 46 API calls 17699->17702 17699->17710 17700->17708 17701->17683 17703 7ff651754902 17701->17703 17702->17708 17705 7ff6517553e8 37 API calls 17703->17705 17703->17710 17704 7ff65174d3e0 _log10_special 8 API calls 17706 7ff651754c7a 17704->17706 17705->17708 17706->17640 17707 7ff651755650 45 API calls 17711 7ff651754b6c 17707->17711 17708->17707 17708->17710 17708->17711 17709 7ff65175f898 46 API calls 17709->17711 17710->17704 17711->17709 17711->17710 17790 7ff651751e58 17712->17790 17716 7ff65175500e 17715->17716 17717 7ff651751a10 12 API calls 17716->17717 17718 7ff65175505e 17717->17718 17719 7ff65175f400 46 API calls 17718->17719 17720 7ff651755131 17719->17720 17721 7ff651755650 45 API calls 17720->17721 17723 7ff651755153 17720->17723 17721->17723 17722 7ff651755650 45 API calls 17724 7ff6517551e1 17722->17724 17723->17722 17723->17723 17723->17724 17724->17672 17726 7ff651755359 17725->17726 17727 7ff651755377 17726->17727 17728 7ff651755650 45 API calls 17726->17728 17730 7ff65175539e 17726->17730 17729 7ff65175f898 46 API calls 17727->17729 17728->17727 17729->17730 17730->17672 17732 7ff651752c17 17731->17732 17733 7ff651752c46 17732->17733 17735 7ff651752d03 17732->17735 17737 7ff651752c83 17733->17737 17768 7ff651751ab8 17733->17768 17736 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17735->17736 17736->17737 17737->17672 17740 7ff651752807 17738->17740 17739 7ff651752836 17741 7ff651751ab8 12 API calls 17739->17741 17744 7ff651752873 17739->17744 17740->17739 17742 7ff6517528f3 17740->17742 17741->17744 17743 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17742->17743 17743->17744 17744->17672 17746 7ff65175557f 17745->17746 17748 7ff651755583 __crtLCMapStringW 17746->17748 17776 7ff6517555d8 17746->17776 17748->17672 17750 7ff651753027 17749->17750 17751 7ff651753056 17750->17751 17753 7ff651753113 17750->17753 17752 7ff651751ab8 12 API calls 17751->17752 17755 7ff651753093 17751->17755 17752->17755 17754 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17753->17754 17754->17755 17755->17672 17758 7ff65175f8c9 17756->17758 17763 7ff65175f8d7 17756->17763 17757 7ff65175f8f7 17760 7ff65175f908 17757->17760 17761 7ff65175f92f 17757->17761 17758->17757 17759 7ff651755650 45 API calls 17758->17759 17758->17763 17759->17757 17780 7ff651760f30 17760->17780 17761->17763 17764 7ff65175f9ba 17761->17764 17766 7ff65175f959 17761->17766 17763->17674 17765 7ff651760730 _fread_nolock MultiByteToWideChar 17764->17765 17765->17763 17766->17763 17783 7ff651760730 17766->17783 17769 7ff651751aef 17768->17769 17775 7ff651751ade 17768->17775 17770 7ff65175e48c _fread_nolock 12 API calls 17769->17770 17769->17775 17771 7ff651751b20 17770->17771 17773 7ff65175b7d8 __free_lconv_mon 11 API calls 17771->17773 17774 7ff651751b34 17771->17774 17772 7ff65175b7d8 __free_lconv_mon 11 API calls 17772->17775 17773->17774 17774->17772 17775->17737 17777 7ff6517555f6 17776->17777 17779 7ff6517555fe 17776->17779 17778 7ff651755650 45 API calls 17777->17778 17778->17779 17779->17748 17786 7ff651767c18 17780->17786 17785 7ff651760739 MultiByteToWideChar 17783->17785 17789 7ff651767c7c 17786->17789 17787 7ff65174d3e0 _log10_special 8 API calls 17788 7ff651760f4d 17787->17788 17788->17763 17789->17787 17791 7ff651751e8d 17790->17791 17792 7ff651751e9f 17790->17792 17793 7ff651755d98 _get_daylight 11 API calls 17791->17793 17795 7ff651751ead 17792->17795 17798 7ff651751ee9 17792->17798 17794 7ff651751e92 17793->17794 17796 7ff65175b770 _invalid_parameter_noinfo 37 API calls 17794->17796 17797 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17795->17797 17804 7ff651751e9d 17796->17804 17797->17804 17799 7ff651752265 17798->17799 17801 7ff651755d98 _get_daylight 11 API calls 17798->17801 17800 7ff651755d98 _get_daylight 11 API calls 17799->17800 17799->17804 17802 7ff6517524f9 17800->17802 17803 7ff65175225a 17801->17803 17805 7ff65175b770 _invalid_parameter_noinfo 37 API calls 17802->17805 17806 7ff65175b770 _invalid_parameter_noinfo 37 API calls 17803->17806 17804->17640 17805->17804 17806->17799 17808 7ff651751594 17807->17808 17835 7ff6517512f4 17808->17835 17810 7ff6517515ad 17810->16641 17847 7ff65175124c 17811->17847 17815 7ff65174d6e0 17814->17815 17816 7ff651742b90 GetCurrentProcessId 17815->17816 17817 7ff651741cc0 49 API calls 17816->17817 17818 7ff651742bd9 17817->17818 17819 7ff651755814 49 API calls 17818->17819 17820 7ff651742c23 17819->17820 17861 7ff651755ff0 17820->17861 17823 7ff651741cc0 49 API calls 17824 7ff651742c5f 17823->17824 17873 7ff651742660 17824->17873 17827 7ff65174d3e0 _log10_special 8 API calls 17828 7ff651742c91 17827->17828 17828->16681 17830 7ff651741bc9 17829->17830 17831 7ff651750fa9 17829->17831 17830->16680 17830->16681 17832 7ff651755d98 _get_daylight 11 API calls 17831->17832 17833 7ff651750fae 17832->17833 17834 7ff65175b770 _invalid_parameter_noinfo 37 API calls 17833->17834 17834->17830 17836 7ff65175135e 17835->17836 17837 7ff65175131e 17835->17837 17836->17837 17838 7ff65175136a 17836->17838 17839 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 17837->17839 17846 7ff6517562fc EnterCriticalSection 17838->17846 17841 7ff651751345 17839->17841 17841->17810 17848 7ff651751276 17847->17848 17859 7ff651741a60 17847->17859 17849 7ff6517512c2 17848->17849 17850 7ff651751285 __scrt_get_show_window_mode 17848->17850 17848->17859 17860 7ff6517562fc EnterCriticalSection 17849->17860 17852 7ff651755d98 _get_daylight 11 API calls 17850->17852 17854 7ff65175129a 17852->17854 17857 7ff65175b770 _invalid_parameter_noinfo 37 API calls 17854->17857 17857->17859 17859->16650 17859->16652 17862 7ff65175c158 _get_daylight 11 API calls 17861->17862 17863 7ff651756007 17862->17863 17864 7ff651742c45 17863->17864 17865 7ff65175fa28 _get_daylight 11 API calls 17863->17865 17868 7ff651756047 17863->17868 17864->17823 17866 7ff65175603c 17865->17866 17867 7ff65175b7d8 __free_lconv_mon 11 API calls 17866->17867 17867->17868 17868->17864 17882 7ff65175fab0 17868->17882 17871 7ff65175b790 _isindst 17 API calls 17872 7ff65175608c 17871->17872 17874 7ff65174266f 17873->17874 17875 7ff65174a220 2 API calls 17874->17875 17876 7ff6517426a0 17875->17876 17877 7ff6517426ce OutputDebugStringA MessageBoxA 17876->17877 17878 7ff6517426a5 OutputDebugStringW MessageBoxW 17876->17878 17879 7ff6517426ee 17877->17879 17878->17879 17880 7ff65174d3e0 _log10_special 8 API calls 17879->17880 17881 7ff6517426fe 17880->17881 17881->17827 17885 7ff65175facd 17882->17885 17883 7ff65175fad2 17884 7ff651755d98 _get_daylight 11 API calls 17883->17884 17888 7ff65175606d 17883->17888 17890 7ff65175fadc 17884->17890 17885->17883 17887 7ff65175fb1c 17885->17887 17885->17888 17886 7ff65175b770 _invalid_parameter_noinfo 37 API calls 17886->17888 17887->17888 17889 7ff651755d98 _get_daylight 11 API calls 17887->17889 17888->17864 17888->17871 17889->17890 17890->17886 17892 7ff6517493a1 GetTokenInformation 17891->17892 17894 7ff651749423 __std_exception_destroy 17891->17894 17893 7ff6517493c2 GetLastError 17892->17893 17895 7ff6517493cd 17892->17895 17893->17894 17893->17895 17896 7ff65174943c 17894->17896 17897 7ff651749436 CloseHandle 17894->17897 17895->17894 17898 7ff6517493e9 GetTokenInformation 17895->17898 17896->16699 17897->17896 17898->17894 17899 7ff65174940c 17898->17899 17899->17894 17900 7ff651749416 ConvertSidToStringSidW 17899->17900 17900->17894 17902 7ff65174d6e0 17901->17902 17903 7ff651742dd4 GetCurrentProcessId 17902->17903 17904 7ff651742710 48 API calls 17903->17904 17905 7ff651742e27 17904->17905 17906 7ff651755a68 48 API calls 17905->17906 17907 7ff651742e70 OutputDebugStringW MessageBoxW 17906->17907 17908 7ff65174d3e0 _log10_special 8 API calls 17907->17908 17909 7ff651742eab 17908->17909 17909->16711 17911 7ff651742625 17910->17911 17912 7ff651755a68 48 API calls 17911->17912 17913 7ff651742644 17912->17913 17913->16725 17968 7ff651759624 17914->17968 17918 7ff651748c5c 17917->17918 17919 7ff65174a220 2 API calls 17918->17919 17920 7ff651748c7b 17919->17920 17921 7ff651748c96 ExpandEnvironmentStringsW 17920->17921 17922 7ff651748c83 17920->17922 17923 7ff651748cbc __std_exception_destroy 17921->17923 17924 7ff651742a60 51 API calls 17922->17924 17926 7ff651748cd3 17923->17926 17927 7ff651748cc0 17923->17927 17925 7ff651748c8f __std_exception_destroy 17924->17925 17929 7ff65174d3e0 _log10_special 8 API calls 17925->17929 17931 7ff651748ce6 17926->17931 17932 7ff651748d61 17926->17932 17928 7ff651742a60 51 API calls 17927->17928 17928->17925 17930 7ff651748e81 17929->17930 17930->16726 17958 7ff6517590c8 17930->17958 17934 7ff651742880 50 API calls 17931->17934 18106 7ff651758c98 17932->18106 17938 7ff651748cf2 17934->17938 17935 7ff651748d6e 17936 7ff651748d76 17935->17936 17937 7ff651748d89 17935->17937 17943 7ff651742a60 51 API calls 17936->17943 17940 7ff651742880 50 API calls 17937->17940 17939 7ff651748d27 GetDriveTypeW 17938->17939 17944 7ff651742880 50 API calls 17938->17944 17941 7ff651748d37 17939->17941 17942 7ff651748d52 17939->17942 17945 7ff651742a60 51 API calls 17941->17945 18099 7ff6517587fc 17942->18099 17943->17925 17947 7ff651748d0b 17944->17947 17945->17925 17947->17939 17959 7ff6517590e8 17958->17959 17960 7ff6517590d5 17958->17960 18207 7ff651758d4c 17959->18207 17961 7ff651755d98 _get_daylight 11 API calls 17960->17961 17963 7ff6517590da 17961->17963 17964 7ff65175b770 _invalid_parameter_noinfo 37 API calls 17963->17964 17965 7ff6517590e6 17964->17965 17965->16729 18009 7ff6517623e8 17968->18009 18068 7ff651762160 18009->18068 18089 7ff651761168 EnterCriticalSection 18068->18089 18100 7ff65175881a 18099->18100 18103 7ff65175884d 18099->18103 18100->18103 18118 7ff651761304 18100->18118 18103->17925 18104 7ff65175b790 _isindst 17 API calls 18107 7ff651758d22 18106->18107 18108 7ff651758cb4 18106->18108 18152 7ff651761650 18107->18152 18108->18107 18110 7ff651758cb9 18108->18110 18111 7ff651758cee 18110->18111 18112 7ff651758cd1 18110->18112 18135 7ff651758adc GetFullPathNameW 18111->18135 18127 7ff651758a68 GetFullPathNameW 18112->18127 18117 7ff651758ce6 __std_exception_destroy 18117->17935 18119 7ff65176131b 18118->18119 18120 7ff651761311 18118->18120 18121 7ff651755d98 _get_daylight 11 API calls 18119->18121 18120->18119 18125 7ff651761337 18120->18125 18122 7ff651761323 18121->18122 18123 7ff65175b770 _invalid_parameter_noinfo 37 API calls 18122->18123 18124 7ff651758849 18123->18124 18124->18103 18124->18104 18125->18124 18126 7ff651755d98 _get_daylight 11 API calls 18125->18126 18126->18122 18128 7ff651758aa4 18127->18128 18129 7ff651758a8e GetLastError 18127->18129 18133 7ff651755d98 _get_daylight 11 API calls 18128->18133 18134 7ff651758aa0 18128->18134 18130 7ff651755d0c _fread_nolock 11 API calls 18129->18130 18131 7ff651758a9b 18130->18131 18132 7ff651755d98 _get_daylight 11 API calls 18131->18132 18132->18134 18133->18134 18134->18117 18136 7ff651758b0f GetLastError 18135->18136 18140 7ff651758b25 __std_exception_destroy 18135->18140 18137 7ff651755d0c _fread_nolock 11 API calls 18136->18137 18138 7ff651758b1c 18137->18138 18139 7ff651755d98 _get_daylight 11 API calls 18138->18139 18141 7ff651758b21 18139->18141 18140->18141 18142 7ff651758b7f GetFullPathNameW 18140->18142 18143 7ff651758bb4 18141->18143 18142->18136 18142->18141 18144 7ff651758c28 memcpy_s 18143->18144 18145 7ff651758bdd __scrt_get_show_window_mode 18143->18145 18144->18117 18145->18144 18146 7ff651758c11 18145->18146 18149 7ff651758c4a 18145->18149 18147 7ff651755d98 _get_daylight 11 API calls 18146->18147 18149->18144 18150 7ff651755d98 _get_daylight 11 API calls 18149->18150 18155 7ff651761460 18152->18155 18156 7ff65176148b 18155->18156 18157 7ff6517614a2 18155->18157 18158 7ff651755d98 _get_daylight 11 API calls 18156->18158 18159 7ff6517614c7 18157->18159 18160 7ff6517614a6 18157->18160 18175 7ff651761490 18158->18175 18193 7ff651760448 18159->18193 18181 7ff6517615cc 18160->18181 18163 7ff6517614cc 18165 7ff65175b770 _invalid_parameter_noinfo 37 API calls 18179 7ff65176149b __std_exception_destroy 18165->18179 18166 7ff6517614af 18171 7ff65174d3e0 _log10_special 8 API calls 18174 7ff6517615c1 18171->18174 18174->18117 18175->18165 18179->18171 18182 7ff651761616 18181->18182 18183 7ff6517615e6 18181->18183 18185 7ff651761601 18182->18185 18186 7ff651761621 GetDriveTypeW 18182->18186 18184 7ff651755d78 _fread_nolock 11 API calls 18183->18184 18187 7ff6517615eb 18184->18187 18189 7ff65174d3e0 _log10_special 8 API calls 18185->18189 18186->18185 18188 7ff651755d98 _get_daylight 11 API calls 18187->18188 18190 7ff6517615f6 18188->18190 18191 7ff6517614ab 18189->18191 18191->18163 18191->18166 18194 7ff65176b360 __scrt_get_show_window_mode 18193->18194 18195 7ff65176047e GetCurrentDirectoryW 18194->18195 18196 7ff6517604bc 18195->18196 18197 7ff651760495 18195->18197 18198 7ff65175fa28 _get_daylight 11 API calls 18196->18198 18199 7ff65174d3e0 _log10_special 8 API calls 18197->18199 18214 7ff651761168 EnterCriticalSection 18207->18214 18221 7ff65174366e __scrt_get_show_window_mode 18215->18221 18216 7ff651743867 18217 7ff65174d3e0 _log10_special 8 API calls 18216->18217 18218 7ff651743904 18217->18218 18218->16770 18218->16771 18220 7ff651741cc0 49 API calls 18220->18221 18221->18216 18221->18220 18226 7ff651743869 18221->18226 18228 7ff651743882 18221->18228 18229 7ff651742cb0 56 API calls 18221->18229 18232 7ff651743870 18221->18232 18235 7ff651744bf0 18221->18235 18241 7ff651748780 18221->18241 18252 7ff651741600 18221->18252 18300 7ff651747a20 18221->18300 18304 7ff6517447c0 18221->18304 18361 7ff651744ae0 18221->18361 18223 7ff651742960 56 API calls 18223->18216 18227 7ff651742960 56 API calls 18226->18227 18227->18216 18228->18223 18229->18221 18233 7ff651742960 56 API calls 18232->18233 18233->18216 18236 7ff651744bfa 18235->18236 18237 7ff65174a220 2 API calls 18236->18237 18238 7ff651744c1f 18237->18238 18239 7ff65174d3e0 _log10_special 8 API calls 18238->18239 18240 7ff651744c47 18239->18240 18240->18221 18243 7ff65174878e 18241->18243 18242 7ff6517488b2 18245 7ff65174d3e0 _log10_special 8 API calls 18242->18245 18243->18242 18244 7ff651741cc0 49 API calls 18243->18244 18249 7ff651748815 18244->18249 18246 7ff6517488e3 18245->18246 18246->18221 18247 7ff651741cc0 49 API calls 18247->18249 18248 7ff651744bf0 10 API calls 18248->18249 18249->18242 18249->18247 18249->18248 18250 7ff65174a220 2 API calls 18249->18250 18251 7ff651748883 CreateDirectoryW 18250->18251 18251->18242 18251->18249 18253 7ff651741637 18252->18253 18254 7ff651741613 18252->18254 18256 7ff651744c50 108 API calls 18253->18256 18388 7ff651741050 18254->18388 18258 7ff65174164b 18256->18258 18257 7ff651741618 18259 7ff65174162e 18257->18259 18263 7ff651742960 56 API calls 18257->18263 18260 7ff651741653 18258->18260 18261 7ff651741682 18258->18261 18259->18221 18264 7ff651755d98 _get_daylight 11 API calls 18260->18264 18262 7ff651744c50 108 API calls 18261->18262 18265 7ff651741696 18262->18265 18263->18259 18266 7ff651741658 18264->18266 18267 7ff6517416b8 18265->18267 18268 7ff65174169e 18265->18268 18269 7ff651742b70 56 API calls 18266->18269 18271 7ff651751564 73 API calls 18267->18271 18270 7ff651742960 56 API calls 18268->18270 18272 7ff651741671 18269->18272 18273 7ff6517416ae 18270->18273 18274 7ff6517416cd 18271->18274 18272->18221 18277 7ff651750edc 74 API calls 18273->18277 18275 7ff6517416f9 18274->18275 18276 7ff6517416d1 18274->18276 18279 7ff651741717 18275->18279 18280 7ff6517416ff 18275->18280 18278 7ff651755d98 _get_daylight 11 API calls 18276->18278 18282 7ff651741829 18277->18282 18283 7ff6517416d6 18278->18283 18285 7ff651741739 18279->18285 18295 7ff651741761 18279->18295 18364 7ff651741210 18280->18364 18282->18221 18284 7ff651742b70 56 API calls 18283->18284 18291 7ff6517416ef __std_exception_destroy 18284->18291 18287 7ff651755d98 _get_daylight 11 API calls 18285->18287 18290 7ff65175122c _fread_nolock 53 API calls 18290->18295 18292 7ff6517417da 18295->18290 18295->18291 18295->18292 18297 7ff6517417c5 18295->18297 18419 7ff65175196c 18295->18419 18302 7ff651747a8b 18300->18302 18303 7ff651747a44 18300->18303 18302->18221 18303->18302 18457 7ff651755eb4 18303->18457 18305 7ff6517447db 18304->18305 18306 7ff651742770 53 API calls 18305->18306 18307 7ff651744814 18306->18307 18308 7ff651744b70 49 API calls 18307->18308 18309 7ff651744824 18308->18309 18310 7ff651744b70 49 API calls 18309->18310 18311 7ff651744833 18310->18311 18312 7ff651744881 18311->18312 18313 7ff651744853 18311->18313 18315 7ff651744740 51 API calls 18312->18315 18488 7ff651744740 18313->18488 18316 7ff65174487f 18315->18316 18317 7ff6517448ae 18316->18317 18318 7ff6517448f4 18316->18318 18320 7ff651742770 53 API calls 18317->18320 18319 7ff651742770 53 API calls 18318->18319 18322 7ff651744900 18319->18322 18321 7ff6517448c1 18320->18321 18495 7ff651748650 18321->18495 18362 7ff651741cc0 49 API calls 18361->18362 18363 7ff651744b04 18362->18363 18363->18221 18363->18363 18365 7ff651741268 18364->18365 18389 7ff651744c50 108 API calls 18388->18389 18390 7ff65174108c 18389->18390 18391 7ff6517410a9 18390->18391 18392 7ff651741094 18390->18392 18394 7ff651751564 73 API calls 18391->18394 18393 7ff651742960 56 API calls 18392->18393 18400 7ff6517410a4 __std_exception_destroy 18393->18400 18395 7ff6517410bf 18394->18395 18396 7ff6517410e6 18395->18396 18397 7ff6517410c3 18395->18397 18402 7ff6517410f7 18396->18402 18403 7ff651741122 18396->18403 18398 7ff651755d98 _get_daylight 11 API calls 18397->18398 18399 7ff6517410c8 18398->18399 18401 7ff651742b70 56 API calls 18399->18401 18400->18257 18408 7ff6517410e1 __std_exception_destroy 18401->18408 18404 7ff651755d98 _get_daylight 11 API calls 18402->18404 18405 7ff651741129 18403->18405 18413 7ff65174113c 18403->18413 18407 7ff651741100 18404->18407 18406 7ff651741210 94 API calls 18405->18406 18406->18408 18409 7ff651742b70 56 API calls 18407->18409 18410 7ff651750edc 74 API calls 18408->18410 18409->18408 18411 7ff6517411b4 18410->18411 18411->18400 18412 7ff65175122c _fread_nolock 53 API calls 18412->18413 18413->18408 18413->18412 18415 7ff6517411ed 18413->18415 18416 7ff651755d98 _get_daylight 11 API calls 18415->18416 18417 7ff6517411f2 18416->18417 18458 7ff651755eee 18457->18458 18459 7ff651755ec1 18457->18459 18462 7ff651755f11 18458->18462 18463 7ff651755f2d 18458->18463 18460 7ff651755d98 _get_daylight 11 API calls 18459->18460 18461 7ff651755e78 18459->18461 18464 7ff651755ecb 18460->18464 18461->18303 18465 7ff651755d98 _get_daylight 11 API calls 18462->18465 18472 7ff651755ddc 18463->18472 18468 7ff65175b770 _invalid_parameter_noinfo 37 API calls 18464->18468 18466 7ff651755f16 18465->18466 18469 7ff65175b770 _invalid_parameter_noinfo 37 API calls 18466->18469 18470 7ff651755ed6 18468->18470 18471 7ff651755f21 18469->18471 18470->18303 18471->18303 18473 7ff651755e00 18472->18473 18474 7ff651755dfb 18472->18474 18473->18474 18475 7ff65175bfe0 _CallSETranslator 45 API calls 18473->18475 18474->18471 18476 7ff651755e1b 18475->18476 18480 7ff65175e814 18476->18480 18481 7ff65175e829 18480->18481 18482 7ff651755e3e 18480->18482 18481->18482 18483 7ff651764194 45 API calls 18481->18483 18484 7ff65175e880 18482->18484 18483->18482 18485 7ff65175e8a8 18484->18485 18486 7ff65175e895 18484->18486 18485->18474 18486->18485 18487 7ff6517634e0 45 API calls 18486->18487 18487->18485 18489 7ff651744766 18488->18489 18490 7ff651755814 49 API calls 18489->18490 18491 7ff65174478c 18490->18491 18492 7ff65174479d 18491->18492 18493 7ff651744bf0 10 API calls 18491->18493 18492->18316 18552 7ff651756d58 18551->18552 18553 7ff651756d7e 18552->18553 18555 7ff651756db1 18552->18555 18554 7ff651755d98 _get_daylight 11 API calls 18553->18554 18556 7ff651756d83 18554->18556 18557 7ff651756db7 18555->18557 18558 7ff651756dc4 18555->18558 18559 7ff65175b770 _invalid_parameter_noinfo 37 API calls 18556->18559 18560 7ff651755d98 _get_daylight 11 API calls 18557->18560 18570 7ff65175bab8 18558->18570 18562 7ff651744ca6 18559->18562 18560->18562 18562->16833 18583 7ff651761168 EnterCriticalSection 18570->18583 18943 7ff651758788 18942->18943 18946 7ff651758264 18943->18946 18945 7ff6517587a1 18945->16846 18947 7ff65175827f 18946->18947 18948 7ff6517582ae 18946->18948 18950 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 18947->18950 18956 7ff6517562fc EnterCriticalSection 18948->18956 18952 7ff65175829f 18950->18952 18952->18945 18958 7ff651750cd3 18957->18958 18959 7ff651750d01 18957->18959 18960 7ff65175b6a4 _invalid_parameter_noinfo 37 API calls 18958->18960 18961 7ff651750cf3 18959->18961 18967 7ff6517562fc EnterCriticalSection 18959->18967 18960->18961 18961->16858 18969 7ff651744c50 108 API calls 18968->18969 18970 7ff651741493 18969->18970 18971 7ff6517414bc 18970->18971 18972 7ff65174149b 18970->18972 18974 7ff651751564 73 API calls 18971->18974 18973 7ff651742960 56 API calls 18972->18973 18975 7ff6517414ab 18973->18975 18976 7ff6517414d1 18974->18976 18975->16891 18977 7ff6517414f8 18976->18977 18978 7ff6517414d5 18976->18978 18981 7ff651741508 18977->18981 18982 7ff651741532 18977->18982 18979 7ff651755d98 _get_daylight 11 API calls 18978->18979 18980 7ff6517414da 18979->18980 18983 7ff651742b70 56 API calls 18980->18983 18984 7ff651755d98 _get_daylight 11 API calls 18981->18984 18985 7ff651741538 18982->18985 18993 7ff65174154b 18982->18993 18990 7ff6517414f3 __std_exception_destroy 18983->18990 18986 7ff651741510 18984->18986 18987 7ff651741210 94 API calls 18985->18987 18988 7ff651742b70 56 API calls 18986->18988 18987->18990 18988->18990 18989 7ff651750edc 74 API calls 18990->18989 18992 7ff65175122c _fread_nolock 53 API calls 18992->18993 18993->18990 18993->18992 18994 7ff6517415d6 18993->18994 18995 7ff651755d98 _get_daylight 11 API calls 18994->18995 19079 7ff651746a75 19078->19079 19080 7ff651741cc0 49 API calls 19079->19080 19081 7ff651746ab1 19080->19081 19082 7ff651746add 19081->19082 19083 7ff651746aba 19081->19083 19085 7ff651744cc0 49 API calls 19082->19085 19084 7ff651742960 56 API calls 19083->19084 19112 7ff651746ad3 19084->19112 19086 7ff651746af5 19085->19086 19087 7ff651746b13 19086->19087 19090 7ff651742960 56 API calls 19086->19090 19088 7ff651744bf0 10 API calls 19087->19088 19091 7ff651746b1d 19088->19091 19089 7ff65174d3e0 _log10_special 8 API calls 19092 7ff6517435ee 19089->19092 19090->19087 19093 7ff651746b3c 19091->19093 19094 7ff651742770 53 API calls 19091->19094 19092->16995 19113 7ff651746c20 19092->19113 19095 7ff651744cc0 49 API calls 19093->19095 19096 7ff651746b32 19094->19096 19097 7ff651746b55 19095->19097 19098 7ff651749e00 3 API calls 19096->19098 19099 7ff651746b7a 19097->19099 19100 7ff651746b5a 19097->19100 19098->19093 19102 7ff651742770 53 API calls 19099->19102 19101 7ff651742960 56 API calls 19100->19101 19101->19112 19103 7ff651746b8e 19102->19103 19104 7ff651749e00 3 API calls 19103->19104 19112->19089 19321 7ff651745a90 19113->19321 19115 7ff651746c43 19116 7ff651746c5c 19115->19116 19117 7ff651746c4b 19115->19117 19119 7ff651742770 53 API calls 19116->19119 19118 7ff651742960 56 API calls 19117->19118 19125 7ff651746c57 19118->19125 19120 7ff651746c68 19119->19120 19325 7ff651745abc 19321->19325 19322 7ff651745ac4 19322->19115 19323 7ff651745e27 __std_exception_destroy 19323->19115 19324 7ff651744e60 47 API calls 19326 7ff651745c64 19324->19326 19325->19322 19325->19326 19352 7ff651757934 19325->19352 19326->19323 19326->19324 19353 7ff651757964 19352->19353 19356 7ff651756e30 19353->19356 19357 7ff651756e73 19356->19357 19358 7ff651756e61 19356->19358 19360 7ff651756ebd 19357->19360 19363 7ff651756e80 19357->19363 19359 7ff651755d98 _get_daylight 11 API calls 19358->19359 19470 7ff6517466bd 19469->19470 19471 7ff65174391e 19469->19471 19470->19471 19472 7ff651742770 53 API calls 19470->19472 19471->17009 19471->17010 19472->19471 19473->17009 19475 7ff65174d982 RtlLookupFunctionEntry 19474->19475 19476 7ff65174d998 RtlVirtualUnwind 19475->19476 19477 7ff65174d79b 19475->19477 19476->19475 19476->19477 19478 7ff65174d730 SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 19477->19478 19480 7ff65175bfe0 _CallSETranslator 45 API calls 19479->19480 19481 7ff65175b271 19480->19481 19482 7ff65175b394 _CallSETranslator 45 API calls 19481->19482 19483 7ff65175b291 19482->19483 20692 7ff65174d9e0 20693 7ff65174d9f0 20692->20693 20709 7ff65175aa38 20693->20709 20695 7ff65174d9fc 20715 7ff65174dcd8 20695->20715 20697 7ff65174da69 20698 7ff65174dfbc 7 API calls 20697->20698 20708 7ff65174da85 20697->20708 20700 7ff65174da95 20698->20700 20699 7ff65174da14 _RTC_Initialize 20699->20697 20720 7ff65174de88 20699->20720 20702 7ff65174da29 20723 7ff651759ea4 20702->20723 20710 7ff65175aa49 20709->20710 20711 7ff65175aa51 20710->20711 20712 7ff651755d98 _get_daylight 11 API calls 20710->20712 20711->20695 20713 7ff65175aa60 20712->20713 20714 7ff65175b770 _invalid_parameter_noinfo 37 API calls 20713->20714 20714->20711 20716 7ff65174dce9 20715->20716 20719 7ff65174dcee __scrt_acquire_startup_lock 20715->20719 20717 7ff65174dfbc 7 API calls 20716->20717 20716->20719 20718 7ff65174dd62 20717->20718 20719->20699 20748 7ff65174de4c 20720->20748 20722 7ff65174de91 20722->20702 20724 7ff651759ec4 20723->20724 20746 7ff65174da35 20723->20746 20725 7ff651759ecc 20724->20725 20726 7ff651759ee2 GetModuleFileNameW 20724->20726 20727 7ff651755d98 _get_daylight 11 API calls 20725->20727 20730 7ff651759f0d 20726->20730 20728 7ff651759ed1 20727->20728 20729 7ff65175b770 _invalid_parameter_noinfo 37 API calls 20728->20729 20729->20746 20731 7ff651759e44 11 API calls 20730->20731 20732 7ff651759f4d 20731->20732 20733 7ff651759f55 20732->20733 20738 7ff651759f6d 20732->20738 20734 7ff651755d98 _get_daylight 11 API calls 20733->20734 20735 7ff651759f5a 20734->20735 20736 7ff65175b7d8 __free_lconv_mon 11 API calls 20735->20736 20736->20746 20737 7ff651759f8f 20739 7ff65175b7d8 __free_lconv_mon 11 API calls 20737->20739 20738->20737 20740 7ff651759fbb 20738->20740 20741 7ff651759fd4 20738->20741 20739->20746 20742 7ff65175b7d8 __free_lconv_mon 11 API calls 20740->20742 20744 7ff65175b7d8 __free_lconv_mon 11 API calls 20741->20744 20743 7ff651759fc4 20742->20743 20745 7ff65175b7d8 __free_lconv_mon 11 API calls 20743->20745 20744->20737 20745->20746 20746->20697 20747 7ff65174df5c InitializeSListHead 20746->20747 20749 7ff65174de66 20748->20749 20750 7ff65174de5f 20748->20750 20752 7ff65175b07c 20749->20752 20750->20722 20755 7ff65175acb8 20752->20755 20762 7ff651761168 EnterCriticalSection 20755->20762 20250 7ff65175be60 20251 7ff65175be65 20250->20251 20252 7ff65175be7a 20250->20252 20256 7ff65175be80 20251->20256 20257 7ff65175bec2 20256->20257 20258 7ff65175beca 20256->20258 20259 7ff65175b7d8 __free_lconv_mon 11 API calls 20257->20259 20260 7ff65175b7d8 __free_lconv_mon 11 API calls 20258->20260 20259->20258 20261 7ff65175bed7 20260->20261 20262 7ff65175b7d8 __free_lconv_mon 11 API calls 20261->20262 20263 7ff65175bee4 20262->20263 20264 7ff65175b7d8 __free_lconv_mon 11 API calls 20263->20264 20265 7ff65175bef1 20264->20265 20266 7ff65175b7d8 __free_lconv_mon 11 API calls 20265->20266 20267 7ff65175befe 20266->20267 20268 7ff65175b7d8 __free_lconv_mon 11 API calls 20267->20268 20269 7ff65175bf0b 20268->20269 20270 7ff65175b7d8 __free_lconv_mon 11 API calls 20269->20270 20271 7ff65175bf18 20270->20271 20272 7ff65175b7d8 __free_lconv_mon 11 API calls 20271->20272 20273 7ff65175bf25 20272->20273 20274 7ff65175b7d8 __free_lconv_mon 11 API calls 20273->20274 20275 7ff65175bf35 20274->20275 20276 7ff65175b7d8 __free_lconv_mon 11 API calls 20275->20276 20277 7ff65175bf45 20276->20277 20282 7ff65175bd24 20277->20282 20296 7ff651761168 EnterCriticalSection 20282->20296 20763 7ff65175abe0 20766 7ff65175ab5c 20763->20766 20773 7ff651761168 EnterCriticalSection 20766->20773 21396 7ff65174b16b 21398 7ff65174b171 21396->21398 21397 7ff65174ba26 21398->21397 21399 7ff65174cc20 12 API calls 21398->21399 21399->21397 20298 7ff65176ba73 20299 7ff65176ba83 20298->20299 20302 7ff651756308 LeaveCriticalSection 20299->20302 19659 7ff65175a7f1 19660 7ff65175b268 45 API calls 19659->19660 19661 7ff65175a7f6 19660->19661 19662 7ff65175a81d GetModuleHandleW 19661->19662 19663 7ff65175a867 19661->19663 19662->19663 19669 7ff65175a82a 19662->19669 19671 7ff65175a6f4 19663->19671 19669->19663 19685 7ff65175a918 GetModuleHandleExW 19669->19685 19691 7ff651761168 EnterCriticalSection 19671->19691 19686 7ff65175a94c GetProcAddress 19685->19686 19687 7ff65175a975 19685->19687 19690 7ff65175a95e 19686->19690 19688 7ff65175a97a FreeLibrary 19687->19688 19689 7ff65175a981 19687->19689 19688->19689 19689->19663 19690->19687 19712 7ff65174c970 19713 7ff65174c985 19712->19713 19714 7ff65174c99e 19712->19714 19713->19714 19716 7ff65175e48c 12 API calls 19713->19716 19715 7ff65174c9fe 19716->19715 20810 7ff65176bbf9 20813 7ff651756308 LeaveCriticalSection 20810->20813 20436 7ff65176bc8e 20437 7ff65176bc9d 20436->20437 20438 7ff65176bca7 20436->20438 20440 7ff6517611c8 LeaveCriticalSection 20437->20440 21450 7ff65174c59c 21451 7ff65174b9a3 21450->21451 21453 7ff65174ba26 21450->21453 21452 7ff65174cc20 12 API calls 21451->21452 21451->21453 21452->21453 19492 7ff65176081c 19493 7ff651760a0e 19492->19493 19495 7ff65176085e _isindst 19492->19495 19494 7ff651755d98 _get_daylight 11 API calls 19493->19494 19512 7ff6517609fe 19494->19512 19495->19493 19498 7ff6517608de _isindst 19495->19498 19496 7ff65174d3e0 _log10_special 8 API calls 19497 7ff651760a29 19496->19497 19513 7ff651767024 19498->19513 19503 7ff651760a3a 19505 7ff65175b790 _isindst 17 API calls 19503->19505 19507 7ff651760a4e 19505->19507 19510 7ff65176093b 19510->19512 19537 7ff651767068 19510->19537 19512->19496 19514 7ff651767033 19513->19514 19515 7ff6517608fc 19513->19515 19544 7ff651761168 EnterCriticalSection 19514->19544 19519 7ff651766428 19515->19519 19520 7ff651760911 19519->19520 19521 7ff651766431 19519->19521 19520->19503 19525 7ff651766458 19520->19525 19522 7ff651755d98 _get_daylight 11 API calls 19521->19522 19523 7ff651766436 19522->19523 19524 7ff65175b770 _invalid_parameter_noinfo 37 API calls 19523->19524 19524->19520 19526 7ff651760922 19525->19526 19527 7ff651766461 19525->19527 19526->19503 19531 7ff651766488 19526->19531 19528 7ff651755d98 _get_daylight 11 API calls 19527->19528 19529 7ff651766466 19528->19529 19530 7ff65175b770 _invalid_parameter_noinfo 37 API calls 19529->19530 19530->19526 19532 7ff651760933 19531->19532 19533 7ff651766491 19531->19533 19532->19503 19532->19510 19534 7ff651755d98 _get_daylight 11 API calls 19533->19534 19535 7ff651766496 19534->19535 19536 7ff65175b770 _invalid_parameter_noinfo 37 API calls 19535->19536 19536->19532 19545 7ff651761168 EnterCriticalSection 19537->19545 20454 7ff6517562a0 20455 7ff6517562ab 20454->20455 20463 7ff651760134 20455->20463 20476 7ff651761168 EnterCriticalSection 20463->20476 19484 7ff65174c6ac 19485 7ff65174b9aa 19484->19485 19487 7ff65174ba26 19485->19487 19488 7ff65174cc20 19485->19488 19489 7ff65174cc43 19488->19489 19490 7ff65174cc61 memcpy_s 19488->19490 19491 7ff65175e48c 12 API calls 19489->19491 19490->19487 19491->19490 20477 7ff651768ab0 20480 7ff651763480 20477->20480 20481 7ff65176348d 20480->20481 20482 7ff6517634d2 20480->20482 20486 7ff65175c0b4 20481->20486 20487 7ff65175c0c5 FlsGetValue 20486->20487 20488 7ff65175c0e0 FlsSetValue 20486->20488 20489 7ff65175c0da 20487->20489 20490 7ff65175c0d2 20487->20490 20488->20490 20491 7ff65175c0ed 20488->20491 20489->20488 20492 7ff65175c0d8 20490->20492 20493 7ff65175b394 _CallSETranslator 45 API calls 20490->20493 20494 7ff65175fa28 _get_daylight 11 API calls 20491->20494 20506 7ff651763154 20492->20506 20495 7ff65175c155 20493->20495 20496 7ff65175c0fc 20494->20496 20497 7ff65175c11a FlsSetValue 20496->20497 20498 7ff65175c10a FlsSetValue 20496->20498 20499 7ff65175c126 FlsSetValue 20497->20499 20500 7ff65175c138 20497->20500 20501 7ff65175c113 20498->20501 20499->20501 20502 7ff65175bd84 _get_daylight 11 API calls 20500->20502 20503 7ff65175b7d8 __free_lconv_mon 11 API calls 20501->20503 20504 7ff65175c140 20502->20504 20503->20490 20505 7ff65175b7d8 __free_lconv_mon 11 API calls 20504->20505 20505->20492 20529 7ff6517633c4 20506->20529 20508 7ff651763189 20544 7ff651762e54 20508->20544 20511 7ff65175e48c _fread_nolock 12 API calls 20512 7ff6517631b7 20511->20512 20513 7ff6517631bf 20512->20513 20516 7ff6517631ce 20512->20516 20514 7ff65175b7d8 __free_lconv_mon 11 API calls 20513->20514 20515 7ff6517631a6 20514->20515 20515->20482 20516->20516 20551 7ff6517634fc 20516->20551 20519 7ff6517632ca 20520 7ff651755d98 _get_daylight 11 API calls 20519->20520 20521 7ff6517632cf 20520->20521 20523 7ff65175b7d8 __free_lconv_mon 11 API calls 20521->20523 20522 7ff651763325 20525 7ff65176338c 20522->20525 20562 7ff651762c84 20522->20562 20523->20515 20524 7ff6517632e4 20524->20522 20527 7ff65175b7d8 __free_lconv_mon 11 API calls 20524->20527 20526 7ff65175b7d8 __free_lconv_mon 11 API calls 20525->20526 20526->20515 20527->20522 20530 7ff6517633e7 20529->20530 20531 7ff6517633f1 20530->20531 20577 7ff651761168 EnterCriticalSection 20530->20577 20533 7ff651763463 20531->20533 20536 7ff65175b394 _CallSETranslator 45 API calls 20531->20536 20533->20508 20537 7ff65176347b 20536->20537 20540 7ff6517634d2 20537->20540 20541 7ff65175c0b4 50 API calls 20537->20541 20540->20508 20542 7ff6517634bc 20541->20542 20543 7ff651763154 65 API calls 20542->20543 20543->20540 20545 7ff651755ddc 45 API calls 20544->20545 20546 7ff651762e68 20545->20546 20547 7ff651762e86 20546->20547 20548 7ff651762e74 GetOEMCP 20546->20548 20549 7ff651762e9b 20547->20549 20550 7ff651762e8b GetACP 20547->20550 20548->20549 20549->20511 20549->20515 20550->20549 20552 7ff651762e54 47 API calls 20551->20552 20553 7ff651763529 20552->20553 20554 7ff65176367f 20553->20554 20556 7ff651763566 IsValidCodePage 20553->20556 20561 7ff651763580 __scrt_get_show_window_mode 20553->20561 20555 7ff65174d3e0 _log10_special 8 API calls 20554->20555 20557 7ff6517632c1 20555->20557 20556->20554 20558 7ff651763577 20556->20558 20557->20519 20557->20524 20559 7ff6517635a6 GetCPInfo 20558->20559 20558->20561 20559->20554 20559->20561 20578 7ff651762f6c 20561->20578 20634 7ff651761168 EnterCriticalSection 20562->20634 20579 7ff651762fa9 GetCPInfo 20578->20579 20580 7ff65176309f 20578->20580 20579->20580 20586 7ff651762fbc 20579->20586 20581 7ff65174d3e0 _log10_special 8 API calls 20580->20581 20583 7ff65176313e 20581->20583 20582 7ff651763cd0 48 API calls 20584 7ff651763033 20582->20584 20583->20554 20589 7ff651768a14 20584->20589 20586->20582 20588 7ff651768a14 54 API calls 20588->20580 20590 7ff651755ddc 45 API calls 20589->20590 20591 7ff651768a39 20590->20591 20594 7ff6517686e0 20591->20594 20595 7ff651768721 20594->20595 20596 7ff651760730 _fread_nolock MultiByteToWideChar 20595->20596 20599 7ff65176876b 20596->20599 20597 7ff6517689e9 20598 7ff65174d3e0 _log10_special 8 API calls 20597->20598 20600 7ff651763066 20598->20600 20599->20597 20601 7ff65175e48c _fread_nolock 12 API calls 20599->20601 20603 7ff6517687a3 20599->20603 20614 7ff6517688a1 20599->20614 20600->20588 20601->20603 20602 7ff65175b7d8 __free_lconv_mon 11 API calls 20602->20597 20604 7ff651760730 _fread_nolock MultiByteToWideChar 20603->20604 20603->20614 20605 7ff651768816 20604->20605 20605->20614 20625 7ff65175ff74 20605->20625 20608 7ff651768861 20612 7ff65175ff74 __crtLCMapStringW 6 API calls 20608->20612 20608->20614 20609 7ff651768984 20609->20614 20615 7ff65175b7d8 __free_lconv_mon 11 API calls 20609->20615 20610 7ff6517688b2 20610->20609 20611 7ff65175e48c _fread_nolock 12 API calls 20610->20611 20613 7ff6517688d0 20610->20613 20611->20613 20612->20614 20613->20614 20616 7ff65175ff74 __crtLCMapStringW 6 API calls 20613->20616 20614->20597 20614->20602 20615->20614 20617 7ff651768950 20616->20617 20617->20609 20618 7ff651768986 20617->20618 20619 7ff651768970 20617->20619 20620 7ff651761678 WideCharToMultiByte 20618->20620 20621 7ff651761678 WideCharToMultiByte 20619->20621 20622 7ff65176897e 20620->20622 20621->20622 20622->20609 20623 7ff65176899e 20622->20623 20623->20614 20624 7ff65175b7d8 __free_lconv_mon 11 API calls 20623->20624 20624->20614 20626 7ff65175fba0 __crtLCMapStringW 5 API calls 20625->20626 20627 7ff65175ffb2 20626->20627 20628 7ff65175ffba 20627->20628 20631 7ff651760060 20627->20631 20628->20608 20628->20610 20628->20614 20630 7ff651760023 LCMapStringW 20630->20628 20632 7ff65175fba0 __crtLCMapStringW 5 API calls 20631->20632 20633 7ff65176008e __crtLCMapStringW 20632->20633 20633->20630 21472 7ff65175d3b0 21483 7ff651761168 EnterCriticalSection 21472->21483

                                                                                                                                                                                                      Executed Functions

                                                                                                                                                                                                      Function 00007FF651741000 Relevance: 119.6, APIs: 5, Strings: 63, Instructions: 555COMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                      control_flow_graph 0 7ff651741000-7ff651743cc4 call 7ff651750ca8 call 7ff651750cb0 call 7ff65174d6e0 call 7ff651756280 call 7ff651756314 call 7ff651742770 call 7ff651743b40 16 7ff651743cc6-7ff651743ccb 0->16 17 7ff651743cd0-7ff651743d05 call 7ff651742770 * 2 call 7ff651741950 0->17 18 7ff651744628-7ff651744642 call 7ff65174d3e0 16->18 27 7ff651743e2b-7ff651743e4c call 7ff651742770 call 7ff651744c50 17->27 28 7ff651743d0b-7ff651743d24 call 7ff651741cc0 17->28 37 7ff651743e4e-7ff651743e53 27->37 38 7ff651743e55-7ff651743e81 call 7ff6517488f0 27->38 32 7ff651743d29-7ff651743d99 call 7ff651742770 * 2 call 7ff651749640 28->32 50 7ff651743d9b-7ff651743d9e 32->50 51 7ff651743dc1-7ff651743dcf call 7ff651755dc0 32->51 40 7ff651743e90-7ff651743eb0 call 7ff651742770 call 7ff651742960 37->40 48 7ff651743eb5-7ff651743eda call 7ff651741cc0 38->48 49 7ff651743e83-7ff651743e8b call 7ff651750edc 38->49 62 7ff651744620 40->62 64 7ff651743ee0-7ff651743ee9 48->64 49->40 56 7ff651743da0-7ff651743da4 50->56 57 7ff651743db5-7ff651743dbc call 7ff6517497b0 50->57 68 7ff651743f79-7ff651743fa7 call 7ff651749750 call 7ff6517497b0 * 3 51->68 69 7ff651743dd5-7ff651743de7 call 7ff651749640 51->69 56->57 61 7ff651743da6-7ff651743db2 call 7ff651742770 56->61 57->51 61->57 62->18 64->64 67 7ff651743eeb-7ff651743f17 call 7ff651742770 call 7ff651741950 64->67 67->32 88 7ff651743f1d-7ff651743f34 call 7ff651742960 67->88 99 7ff651743fac-7ff651743fc3 call 7ff651749640 68->99 79 7ff651743ded-7ff651743e05 call 7ff651742770 69->79 80 7ff651743f65-7ff651743f6c call 7ff651742770 69->80 90 7ff651743e10-7ff651743e16 79->90 87 7ff651743f71-7ff651743f74 call 7ff651755dc0 80->87 87->68 88->62 94 7ff651743f39-7ff651743f3b 90->94 95 7ff651743e1c-7ff651743e21 90->95 97 7ff651743f3e-7ff651743f61 call 7ff651742770 call 7ff651755dc0 94->97 95->90 98 7ff651743e23-7ff651743e26 95->98 97->99 112 7ff651743f63 97->112 98->97 105 7ff651743fc9-7ff651743fcc 99->105 106 7ff6517440d5-7ff6517440e3 99->106 105->106 110 7ff651743fd2-7ff651743fd5 105->110 107 7ff6517440e9-7ff6517440ec 106->107 108 7ff651743fec 106->108 111 7ff651743ff0-7ff65174401d call 7ff651755dc0 call 7ff651742770 107->111 108->111 113 7ff651743fdb-7ff651743fdf 110->113 114 7ff6517440a1-7ff6517440a4 110->114 126 7ff651744038-7ff65174404d 111->126 127 7ff65174401f-7ff651744033 call 7ff651749750 111->127 112->68 113->114 115 7ff651743fe5 113->115 117 7ff6517440a6-7ff6517440aa 114->117 118 7ff6517440bc-7ff6517440d0 call 7ff651742960 114->118 115->108 117->118 121 7ff6517440ac-7ff6517440b7 117->121 125 7ff651744600-7ff651744618 118->125 121->111 125->62 129 7ff651744177-7ff651744189 call 7ff651749640 126->129 130 7ff651744053-7ff651744057 126->130 127->126 138 7ff6517441a8-7ff6517441b7 call 7ff651755dc0 129->138 139 7ff65174418b-7ff651744191 129->139 132 7ff65174405d-7ff651744075 call 7ff6517560e0 130->132 133 7ff65174415c-7ff651744171 call 7ff651741940 130->133 143 7ff651744077-7ff65174408f call 7ff6517560e0 132->143 144 7ff6517440f1-7ff651744109 call 7ff6517560e0 132->144 133->129 133->130 151 7ff6517441bd-7ff6517441c3 138->151 152 7ff6517442f4-7ff651744315 call 7ff651744b70 138->152 141 7ff65174419d-7ff6517441a2 139->141 142 7ff651744193-7ff65174419b 139->142 141->138 142->141 143->133 156 7ff651744095-7ff65174409c 143->156 153 7ff651744116-7ff65174412e call 7ff6517560e0 144->153 154 7ff65174410b-7ff65174410f 144->154 157 7ff6517441c9-7ff6517441f0 call 7ff651742770 * 2 call 7ff651749e70 151->157 158 7ff651744258-7ff65174428a call 7ff651742770 call 7ff651749640 151->158 165 7ff651744317-7ff651744321 call 7ff651744cc0 152->165 166 7ff651744323-7ff651744334 call 7ff651741cc0 152->166 171 7ff65174413b-7ff651744153 call 7ff6517560e0 153->171 172 7ff651744130-7ff651744134 153->172 154->153 156->133 191 7ff651744208-7ff651744225 call 7ff651742770 call 7ff651749450 157->191 192 7ff6517441f2-7ff651744203 call 7ff651742960 157->192 181 7ff65174428c-7ff65174428f 158->181 182 7ff6517442de-7ff6517442ef call 7ff651742960 158->182 178 7ff651744339-7ff651744356 call 7ff651742770 165->178 166->178 171->133 184 7ff651744155 171->184 172->171 189 7ff651744358-7ff65174435f 178->189 190 7ff6517443b5-7ff6517443cb call 7ff65174a220 178->190 181->182 188 7ff651744291-7ff6517442b4 call 7ff651741cc0 181->188 197 7ff6517445f8 182->197 184->133 205 7ff6517442b6-7ff6517442cf call 7ff651742960 call 7ff651755dc0 188->205 206 7ff6517442d4-7ff6517442dc call 7ff651755dc0 188->206 189->190 195 7ff651744361-7ff651744364 189->195 210 7ff6517443cd-7ff6517443de call 7ff651742960 190->210 211 7ff6517443e3-7ff65174440f call 7ff651742880 SetDllDirectoryW 190->211 222 7ff651744227-7ff651744238 call 7ff651742960 191->222 223 7ff65174423d-7ff65174424e call 7ff651742770 191->223 192->197 195->190 201 7ff651744366-7ff6517443a7 SetDllDirectoryW call 7ff651742880 LoadLibraryExW 195->201 197->125 220 7ff6517443a9 201->220 221 7ff6517443b0 call 7ff651742880 201->221 205->197 206->178 210->197 228 7ff65174441d-7ff65174442c call 7ff651749640 211->228 229 7ff651744411-7ff651744418 211->229 220->221 221->190 222->197 232 7ff651744253 223->232 238 7ff65174442e-7ff651744434 228->238 239 7ff651744445-7ff65174444f call 7ff651755dc0 228->239 233 7ff6517444a7 call 7ff651742770 229->233 232->178 240 7ff6517444ac-7ff6517444b3 233->240 241 7ff651744436-7ff65174443e 238->241 242 7ff651744440-7ff651744442 238->242 252 7ff651744451-7ff65174446c call 7ff651742770 call 7ff651749750 239->252 253 7ff65174446e-7ff651744474 239->253 244 7ff6517444b9-7ff6517444c0 240->244 245 7ff65174458c-7ff651744593 240->245 241->242 242->239 244->245 249 7ff6517444c6-7ff6517444c9 call 7ff651743970 244->249 246 7ff6517445b8-7ff6517445f6 call 7ff651743960 call 7ff6517435e0 call 7ff651743910 call 7ff6517477e0 call 7ff651747590 call 7ff651742770 245->246 247 7ff651744595-7ff6517445b2 PostMessageW GetMessageW 245->247 246->197 247->246 254 7ff6517444ce 249->254 252->240 255 7ff651744476-7ff651744491 call 7ff651742770 call 7ff651749750 253->255 256 7ff651744493-7ff65174449a 253->256 254->197 255->240 261 7ff65174449c-7ff65174449e 256->261 262 7ff6517444d3-7ff6517444d5 256->262 265 7ff6517444d7-7ff6517444ff call 7ff651742770 call 7ff6517475e0 call 7ff651747c80 261->265 266 7ff6517444a0 261->266 262->265 262->266 285 7ff65174450a-7ff65174451d call 7ff651742770 265->285 286 7ff651744501-7ff651744508 265->286 266->233 293 7ff65174451f-7ff651744538 call 7ff651742770 call 7ff651747620 285->293 294 7ff651744543-7ff65174454d call 7ff651747ab0 285->294 288 7ff651744572-7ff651744587 call 7ff651742cb0 call 7ff6517477e0 call 7ff651747590 286->288 288->240 293->294 308 7ff65174453a-7ff651744541 293->308 303 7ff651744558-7ff651744565 call 7ff651747e30 294->303 304 7ff65174454f-7ff651744556 294->304 303->240 310 7ff65174456b 303->310 304->288 308->288 310->288
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DebugErrorFileLastModuleNameOutputString
                                                                                                                                                                                                      • String ID: Could not create temporary directory!$Could not load PyInstaller's embedded PKG archive from the executable (%s)$Could not side-load PyInstaller's PKG archive from external file (%s)$Failed to convert DLL search path!$Failed to initialize security descriptor for temporary directory!$Failed to load Tcl/Tk shared libraries for splash screen!$Failed to load splash screen resources!$Failed to start splash screen!$Failed to unpack splash screen dependencies from PKG archive!$Invalid value in _PYI_PARENT_PROCESS_LEVEL: %s$LOADER: _PYI_ARCHIVE_FILE already defined: %s$LOADER: _PYI_ARCHIVE_FILE not defined...$LOADER: application has %s semantics...$LOADER: application's top-level directory: %s$LOADER: archive file: %s$LOADER: attempting to pre-load system copy of %ls...$LOADER: calling SetDllDirectory: %ls$LOADER: could not load system copy of %ls.$LOADER: created temporary directory: %s$LOADER: creating temporary directory (runtime_tmpdir=%s)...$LOADER: end of process reached!$LOADER: executable file: %s$LOADER: explicit environment reset enabled via environment variable!$LOADER: extracting splash screen dependencies...$LOADER: failed to open executable-embedded archive!$LOADER: initializing security descriptor for temporary directory...$LOADER: loading splash screen resources...$LOADER: process is not eligible for splash screen$LOADER: process level = %d$LOADER: setting up splash screen...$LOADER: side-load is disabled (code %d)!$LOADER: spawned subprocess - suppressing splash screen...$LOADER: splash screen is explicitly suppressed via environment variable!$LOADER: splash screen is unavailable.$LOADER: successfully loaded system copy of %ls.$LOADER: this is child process of onefile application (%s).$LOADER: this is parent process of onefile application.$LOADER: trying to load executable-embedded archive...$LOADER: trying to load external PKG archive (%s)...$LOADER: using different archive file than parent environment!$LOADER: using same archive file as parent environment!$MEI$PYINSTALLER_RESET_ENVIRONMENT$PYINSTALLER_STRICT_UNPACK_MODE$PYINSTALLER_SUPPRESS_SPLASH_SCREEN$Path exceeds PYI_PATH_MAX limit.$PyInstaller Bootloader 6.x$Py_GIL_DISABLED$VCRUNTIME140.dll$_PYI_APPLICATION_HOME_DIR$_PYI_APPLICATION_HOME_DIR not set for onefile child process!$_PYI_ARCHIVE_FILE$_PYI_PARENT_PROCESS_LEVEL$_PYI_SPLASH_IPC$main application process$onedir$onefile$pkg$pyi-contents-directory$pyi-disable-windowed-traceback$pyi-python-flag$pyi-runtime-tmpdir$spawned subprocess
                                                                                                                                                                                                      • API String ID: 3669267851-3110933790
                                                                                                                                                                                                      • Opcode ID: 3ed7d45fc6ddfa573971f5f2dcdd556185ca2a20ee7efe5474e6300226a72461
                                                                                                                                                                                                      • Instruction ID: 90d3d788176794cb2c3a1250f56848b586addcfc5371fad817d804978eb7b184
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 3ed7d45fc6ddfa573971f5f2dcdd556185ca2a20ee7efe5474e6300226a72461
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 9C428C25A1C69691FB15EB2DD8541B96391AF54780F8C4032D9DEE32DFEFACEA18C340
                                                                                                                                                                                                      Function 00007FF6517497F0 Relevance: 112.3, APIs: 36, Strings: 28, Instructions: 319synchronizationwindowregistryCOMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                      control_flow_graph 311 7ff6517497f0-7ff651749853 call 7ff65174d6e0 call 7ff65174a220 SetConsoleCtrlHandler 316 7ff651749855-7ff65174985c call 7ff651742880 311->316 317 7ff651749861-7ff651749952 call 7ff651742880 GetStartupInfoW call 7ff651756280 call 7ff65175b30c call 7ff6517595ac call 7ff651756280 call 7ff65175b30c call 7ff6517595ac call 7ff651756280 call 7ff65175b30c call 7ff6517595ac GetCommandLineW CreateProcessW 311->317 316->317 339 7ff651749979-7ff6517499cd call 7ff651742880 * 2 RegisterClassW 317->339 340 7ff651749954-7ff651749974 GetLastError call 7ff651742ec0 317->340 350 7ff6517499e3-7ff651749a37 CreateWindowExW 339->350 351 7ff6517499cf-7ff6517499de GetLastError call 7ff651742880 339->351 345 7ff651749dad-7ff651749dd3 call 7ff65174d3e0 340->345 353 7ff651749a39-7ff651749a4d GetLastError call 7ff651742880 350->353 354 7ff651749a4f-7ff651749a61 ShowWindow call 7ff651742880 350->354 351->350 358 7ff651749a66-7ff651749a82 call 7ff651742880 WaitForSingleObject 353->358 354->358 361 7ff651749a88-7ff651749a8b 358->361 362 7ff651749b19 358->362 364 7ff651749a8d-7ff651749a9c GetLastError call 7ff651742880 361->364 365 7ff651749aa1-7ff651749aa8 361->365 363 7ff651749b20-7ff651749b38 call 7ff651742880 * 2 362->363 376 7ff651749be8-7ff651749bef 363->376 377 7ff651749b3e-7ff651749b63 call 7ff651742880 WaitForSingleObject 363->377 364->365 368 7ff651749bcb-7ff651749bd2 365->368 369 7ff651749aae-7ff651749acb PeekMessageW 365->369 368->363 371 7ff651749acd 369->371 372 7ff651749b03-7ff651749b13 WaitForSingleObject 369->372 373 7ff651749ad0-7ff651749b01 TranslateMessage DispatchMessageW PeekMessageW 371->373 372->361 372->362 373->372 373->373 378 7ff651749d02-7ff651749d15 call 7ff651742880 376->378 379 7ff651749bf5-7ff651749c1c call 7ff651742880 QueryPerformanceFrequency QueryPerformanceCounter 376->379 386 7ff651749bd7-7ff651749be3 call 7ff651742880 377->386 387 7ff651749b65-7ff651749b85 call 7ff651742880 TerminateProcess 377->387 389 7ff651749d17 378->389 390 7ff651749d58-7ff651749d6e call 7ff651742880 378->390 391 7ff651749c20-7ff651749c58 MsgWaitForMultipleObjects PeekMessageW 379->391 386->390 403 7ff651749b9b-7ff651749bc6 WaitForSingleObject call 7ff651742880 387->403 404 7ff651749b87-7ff651749b96 GetLastError call 7ff651742880 387->404 394 7ff651749d20-7ff651749d39 GetMessageW 389->394 408 7ff651749d7d-7ff651749da9 GetExitCodeProcess CloseHandle * 2 390->408 409 7ff651749d70-7ff651749d76 DestroyWindow 390->409 395 7ff651749c5a 391->395 396 7ff651749c93-7ff651749c9a 391->396 400 7ff651749d3b-7ff651749d49 TranslateMessage DispatchMessageW 394->400 401 7ff651749d4f-7ff651749d56 394->401 402 7ff651749c60-7ff651749c91 TranslateMessage DispatchMessageW PeekMessageW 395->402 405 7ff651749c9c-7ff651749cd2 QueryPerformanceCounter call 7ff651742880 396->405 406 7ff651749ced 396->406 400->401 401->390 401->394 402->396 402->402 403->390 404->403 413 7ff651749cd7-7ff651749cde 405->413 411 7ff651749cf4 call 7ff651742880 406->411 408->345 409->408 417 7ff651749cf9-7ff651749d00 411->417 413->391 416 7ff651749ce4-7ff651749ceb 413->416 416->411 417->378 417->390
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ErrorLast$MessageObjectProcessSingleWait$Window$CloseCreateHandlePeek$ByteCharClassCodeCommandConsoleCtrlCurrentDebugDestroyDispatchExitHandlerInfoLineMultiOutputRegisterShowStartupStringTerminateTranslateWide
                                                                                                                                                                                                      • String ID: CreateProcessW$Failed to create child process!$LOADER: TerminateProcess call failed (%d)$LOADER: WaitForSingleObject() failed with error code %d!$LOADER: child process has finished - exiting the wait loop!$LOADER: child process has finished.$LOADER: child process not terminated!$LOADER: child process started!$LOADER: child process terminated!$LOADER: creating hidden window to capture system shutdown events...$LOADER: done waiting for WM_QUERYENDSESSION - message received!$LOADER: done waiting for WM_QUERYENDSESSION - timed-out!$LOADER: entering the waiting loop...$LOADER: failed to create hidden window (%d)!$LOADER: failed to install console ctrl handler!$LOADER: failed to register hidden window class (%d)!$LOADER: handling console shutdown - giving the child %d ms to exit...$LOADER: hidden window created!$LOADER: made it out of the waiting loop!$LOADER: received console shutdown event - exiting the wait loop!$LOADER: received session shutdown signal via WM_QUERYENDSESSION; waiting for WM_ENDSESSION...$LOADER: retrieving process exit code and performing cleanup...$LOADER: setting up child process...$LOADER: terminating the child process...$LOADER: waited %lld ms / %d ms...$LOADER: waiting %d ms in case we receive WM_QUERYENDSESSION...$PyInstaller Onefile Hidden Window$PyInstallerOnefileHiddenWindow
                                                                                                                                                                                                      • API String ID: 247756579-819605309
                                                                                                                                                                                                      • Opcode ID: 91f9875a3ede7d88cc3805db351393051b73bd18677eb379a10c15569ad100a9
                                                                                                                                                                                                      • Instruction ID: 36797b3b173282b392f80cef93af6ef5bcbea2a05d2702cc67104de7012c0a46
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 91f9875a3ede7d88cc3805db351393051b73bd18677eb379a10c15569ad100a9
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 0AF17E21B08A8696FB14DB38E8502BD3764FF85754F480136EA9EE36AADF7CE554C700
                                                                                                                                                                                                      Function 00007FF651748E90 Relevance: 17.6, APIs: 6, Strings: 4, Instructions: 100fileCOMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • FindFirstFileW.KERNELBASE(?,00007FF651749729,00007FF651743A80), ref: 00007FF651748EFB
                                                                                                                                                                                                      • RemoveDirectoryW.KERNEL32(?,00007FF651749729,00007FF651743A80), ref: 00007FF651748F86
                                                                                                                                                                                                      • DeleteFileW.KERNELBASE(?,00007FF651749729,00007FF651743A80), ref: 00007FF651748FBB
                                                                                                                                                                                                      • FindNextFileW.KERNELBASE(?,00007FF651749729,00007FF651743A80), ref: 00007FF651748FE1
                                                                                                                                                                                                      • FindClose.KERNEL32(?,00007FF651749729,00007FF651743A80), ref: 00007FF651748FF2
                                                                                                                                                                                                      • RemoveDirectoryW.KERNELBASE(?,00007FF651749729,00007FF651743A80), ref: 00007FF651748FFB
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: FileFind$DirectoryRemove$CloseDeleteFirstNext
                                                                                                                                                                                                      • String ID: %s\*$LOADER: failed to remove directory symbolic link: %ls$LOADER: failed to remove directory: %ls$LOADER: failed to remove file: %ls
                                                                                                                                                                                                      • API String ID: 1057558799-1659351542
                                                                                                                                                                                                      • Opcode ID: 1bd153a207f5a9c9a92026faa57df787e724909fd63590abf3b4b70611f5ce28
                                                                                                                                                                                                      • Instruction ID: b47d5a1c2575a0821f87038bf5fc17fa8300ef0487ea8d73fe101b3ba20b8b22
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1bd153a207f5a9c9a92026faa57df787e724909fd63590abf3b4b70611f5ce28
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 97418221B0C547D1EB609B68E4541BA63A1FB94794F880532EBDEE36DEEF6CD50AC700
                                                                                                                                                                                                      Function 00007FF651766A90 Relevance: 14.3, APIs: 6, Strings: 2, Instructions: 334timeCOMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                      control_flow_graph 732 7ff651766a90-7ff651766acb call 7ff651766418 call 7ff651766420 call 7ff651766488 739 7ff651766cf5-7ff651766d41 call 7ff65175b790 call 7ff651766418 call 7ff651766420 call 7ff651766488 732->739 740 7ff651766ad1-7ff651766adc call 7ff651766428 732->740 766 7ff651766d47-7ff651766d52 call 7ff651766428 739->766 767 7ff651766e7f-7ff651766eed call 7ff65175b790 call 7ff651762408 739->767 740->739 745 7ff651766ae2-7ff651766aec 740->745 747 7ff651766b0e-7ff651766b12 745->747 748 7ff651766aee-7ff651766af1 745->748 752 7ff651766b15-7ff651766b1d 747->752 751 7ff651766af4-7ff651766aff 748->751 755 7ff651766b0a-7ff651766b0c 751->755 756 7ff651766b01-7ff651766b08 751->756 752->752 753 7ff651766b1f-7ff651766b32 call 7ff65175e48c 752->753 762 7ff651766b4a-7ff651766b56 call 7ff65175b7d8 753->762 763 7ff651766b34-7ff651766b36 call 7ff65175b7d8 753->763 755->747 759 7ff651766b3b-7ff651766b49 755->759 756->751 756->755 773 7ff651766b5d-7ff651766b65 762->773 763->759 766->767 775 7ff651766d58-7ff651766d63 call 7ff651766458 766->775 786 7ff651766efb-7ff651766efe 767->786 787 7ff651766eef-7ff651766ef6 767->787 773->773 776 7ff651766b67-7ff651766b78 call 7ff651761304 773->776 775->767 784 7ff651766d69-7ff651766d8c call 7ff65175b7d8 GetTimeZoneInformation 775->784 776->739 785 7ff651766b7e-7ff651766bd4 call 7ff65176b360 * 4 call 7ff6517669ac 776->785 803 7ff651766d92-7ff651766db3 784->803 804 7ff651766e54-7ff651766e7e call 7ff651766410 call 7ff651766400 call 7ff651766408 784->804 844 7ff651766bd6-7ff651766bda 785->844 789 7ff651766f35-7ff651766f48 call 7ff65175e48c 786->789 790 7ff651766f00 786->790 788 7ff651766f8b-7ff651766f8e 787->788 793 7ff651766f03 788->793 794 7ff651766f94-7ff651766f9c call 7ff651766a90 788->794 809 7ff651766f4a 789->809 810 7ff651766f53-7ff651766f6e call 7ff651762408 789->810 790->793 799 7ff651766f08-7ff651766f34 call 7ff65175b7d8 call 7ff65174d3e0 793->799 800 7ff651766f03 call 7ff651766d0c 793->800 794->799 800->799 811 7ff651766db5-7ff651766dbb 803->811 812 7ff651766dbe-7ff651766dc5 803->812 818 7ff651766f4c-7ff651766f51 call 7ff65175b7d8 809->818 827 7ff651766f75-7ff651766f87 call 7ff65175b7d8 810->827 828 7ff651766f70-7ff651766f73 810->828 811->812 813 7ff651766dc7-7ff651766dcf 812->813 814 7ff651766dd9 812->814 813->814 820 7ff651766dd1-7ff651766dd7 813->820 823 7ff651766ddb-7ff651766e4f call 7ff65176b360 * 4 call 7ff6517639ec call 7ff651766fa4 * 2 814->823 818->790 820->823 823->804 827->788 828->818 846 7ff651766bdc 844->846 847 7ff651766be0-7ff651766be4 844->847 846->847 847->844 849 7ff651766be6-7ff651766c0b call 7ff6517579e8 847->849 855 7ff651766c0e-7ff651766c12 849->855 857 7ff651766c14-7ff651766c1f 855->857 858 7ff651766c21-7ff651766c25 855->858 857->858 860 7ff651766c27-7ff651766c2b 857->860 858->855 863 7ff651766c2d-7ff651766c55 call 7ff6517579e8 860->863 864 7ff651766cac-7ff651766cb0 860->864 872 7ff651766c57 863->872 873 7ff651766c73-7ff651766c77 863->873 865 7ff651766cb7-7ff651766cc4 864->865 866 7ff651766cb2-7ff651766cb4 864->866 868 7ff651766cc6-7ff651766cdc call 7ff6517669ac 865->868 869 7ff651766cdf-7ff651766cee call 7ff651766410 call 7ff651766400 865->869 866->865 868->869 869->739 876 7ff651766c5a-7ff651766c61 872->876 873->864 878 7ff651766c79-7ff651766c97 call 7ff6517579e8 873->878 876->873 879 7ff651766c63-7ff651766c71 876->879 884 7ff651766ca3-7ff651766caa 878->884 879->873 879->876 884->864 885 7ff651766c99-7ff651766c9d 884->885 885->864 886 7ff651766c9f 885->886 886->884
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • _get_daylight.LIBCMT ref: 00007FF651766AD5
                                                                                                                                                                                                        • Part of subcall function 00007FF651766428: _invalid_parameter_noinfo.LIBCMT ref: 00007FF65176643C
                                                                                                                                                                                                        • Part of subcall function 00007FF65175B7D8: RtlFreeHeap.NTDLL(?,?,?,00007FF651763BB2,?,?,?,00007FF651763BEF,?,?,00000000,00007FF6517640B5,?,?,?,00007FF651763FE7), ref: 00007FF65175B7EE
                                                                                                                                                                                                        • Part of subcall function 00007FF65175B7D8: GetLastError.KERNEL32(?,?,?,00007FF651763BB2,?,?,?,00007FF651763BEF,?,?,00000000,00007FF6517640B5,?,?,?,00007FF651763FE7), ref: 00007FF65175B7F8
                                                                                                                                                                                                        • Part of subcall function 00007FF65175B790: IsProcessorFeaturePresent.KERNEL32(?,?,?,?,00007FF65175B76F,?,?,?,?,?,00007FF65175B65A), ref: 00007FF65175B799
                                                                                                                                                                                                        • Part of subcall function 00007FF65175B790: GetCurrentProcess.KERNEL32(?,?,?,?,00007FF65175B76F,?,?,?,?,?,00007FF65175B65A), ref: 00007FF65175B7BE
                                                                                                                                                                                                      • _get_daylight.LIBCMT ref: 00007FF651766AC4
                                                                                                                                                                                                        • Part of subcall function 00007FF651766488: _invalid_parameter_noinfo.LIBCMT ref: 00007FF65176649C
                                                                                                                                                                                                      • _get_daylight.LIBCMT ref: 00007FF651766D3A
                                                                                                                                                                                                      • _get_daylight.LIBCMT ref: 00007FF651766D4B
                                                                                                                                                                                                      • _get_daylight.LIBCMT ref: 00007FF651766D5C
                                                                                                                                                                                                      • GetTimeZoneInformation.KERNELBASE(?,?,?,?,?,?,?,?,?,00000000,?,00007FF651766F9C), ref: 00007FF651766D83
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _get_daylight$_invalid_parameter_noinfo$CurrentErrorFeatureFreeHeapInformationLastPresentProcessProcessorTimeZone
                                                                                                                                                                                                      • String ID: Eastern Standard Time$Eastern Summer Time
                                                                                                                                                                                                      • API String ID: 4070488512-239921721
                                                                                                                                                                                                      • Opcode ID: ea4228eb2b8523d379eb856740e7c3fdb59cc4f74fd71962fc76e4e0d0406b68
                                                                                                                                                                                                      • Instruction ID: ba04d112bd39887c751ceaaf69b5c27b43af004528ebd66845bb2bad1d7df15e
                                                                                                                                                                                                      • Opcode Fuzzy Hash: ea4228eb2b8523d379eb856740e7c3fdb59cc4f74fd71962fc76e4e0d0406b68
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 32D1B426F1865686EB20AF29D4911B967A1FF84B84F884035EE4DE7A8FDF3CE441C744
                                                                                                                                                                                                      Function 00007FF6517677F4 Relevance: 13.8, APIs: 9, Instructions: 276fileCOMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                      control_flow_graph 918 7ff6517677f4-7ff651767867 call 7ff651767528 921 7ff651767869-7ff651767872 call 7ff651755d78 918->921 922 7ff651767881-7ff65176788b call 7ff6517593b0 918->922 929 7ff651767875-7ff65176787c call 7ff651755d98 921->929 927 7ff65176788d-7ff6517678a4 call 7ff651755d78 call 7ff651755d98 922->927 928 7ff6517678a6-7ff65176790f CreateFileW 922->928 927->929 932 7ff65176798c-7ff651767997 GetFileType 928->932 933 7ff651767911-7ff651767917 928->933 940 7ff651767bc2-7ff651767be2 929->940 935 7ff6517679ea-7ff6517679f1 932->935 936 7ff651767999-7ff6517679d4 GetLastError call 7ff651755d0c CloseHandle 932->936 938 7ff651767959-7ff651767987 GetLastError call 7ff651755d0c 933->938 939 7ff651767919-7ff65176791d 933->939 943 7ff6517679f9-7ff6517679fc 935->943 944 7ff6517679f3-7ff6517679f7 935->944 936->929 952 7ff6517679da-7ff6517679e5 call 7ff651755d98 936->952 938->929 939->938 945 7ff65176791f-7ff651767957 CreateFileW 939->945 950 7ff651767a02-7ff651767a57 call 7ff6517592c8 943->950 951 7ff6517679fe 943->951 944->950 945->932 945->938 957 7ff651767a76-7ff651767aa7 call 7ff6517672a8 950->957 958 7ff651767a59-7ff651767a65 call 7ff651767730 950->958 951->950 952->929 964 7ff651767aad-7ff651767aef 957->964 965 7ff651767aa9-7ff651767aab 957->965 958->957 963 7ff651767a67 958->963 966 7ff651767a69-7ff651767a71 call 7ff65175b950 963->966 967 7ff651767b11-7ff651767b1c 964->967 968 7ff651767af1-7ff651767af5 964->968 965->966 966->940 971 7ff651767b22-7ff651767b26 967->971 972 7ff651767bc0 967->972 968->967 970 7ff651767af7-7ff651767b0c 968->970 970->967 971->972 974 7ff651767b2c-7ff651767b71 CloseHandle CreateFileW 971->974 972->940 975 7ff651767ba6-7ff651767bbb 974->975 976 7ff651767b73-7ff651767ba1 GetLastError call 7ff651755d0c call 7ff6517594f0 974->976 975->972 976->975
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: File$CreateErrorLast_invalid_parameter_noinfo$CloseHandle$Type
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 1617910340-0
                                                                                                                                                                                                      • Opcode ID: 1d9ed3d4efa89bdc1dc95a4a467970b21b1bc653c22a6d7fb70e9ddd5adb907c
                                                                                                                                                                                                      • Instruction ID: b71c38e35efe199d3533e2a401d8461857798e8137fb5c3646cb874759583774
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1d9ed3d4efa89bdc1dc95a4a467970b21b1bc653c22a6d7fb70e9ddd5adb907c
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4BC1B233B24A4686EB10DFA9C4906AC3771FB49B98B095235DF1EA779ADF38D551C300
                                                                                                                                                                                                      Function 00007FF65174BB3D Relevance: 12.0, Strings: 9, Instructions: 744COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID: invalid bit length repeat$invalid code -- missing end-of-block$invalid code lengths set$invalid distance code$invalid distance too far back$invalid distances set$invalid literal/length code$invalid literal/lengths set$too many length or distance symbols
                                                                                                                                                                                                      • API String ID: 0-2665694366
                                                                                                                                                                                                      • Opcode ID: 3e6e330d12f60c46f475a6d4d5d90c217e90d68feff1715015d2917322964220
                                                                                                                                                                                                      • Instruction ID: 59396e73bac7f2c82ce0c41eb4340e42af14e6df7b8fb5b24eb219917301d153
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 3e6e330d12f60c46f475a6d4d5d90c217e90d68feff1715015d2917322964220
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 58520672A186A58BE7A48F18C488B7D3BADFB84340F094139E68AD7785DF7DD844CB40
                                                                                                                                                                                                      Function 00007FF651766D0C Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 143timeCOMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                      control_flow_graph 1337 7ff651766d0c-7ff651766d41 call 7ff651766418 call 7ff651766420 call 7ff651766488 1344 7ff651766d47-7ff651766d52 call 7ff651766428 1337->1344 1345 7ff651766e7f-7ff651766eed call 7ff65175b790 call 7ff651762408 1337->1345 1344->1345 1350 7ff651766d58-7ff651766d63 call 7ff651766458 1344->1350 1357 7ff651766efb-7ff651766efe 1345->1357 1358 7ff651766eef-7ff651766ef6 1345->1358 1350->1345 1356 7ff651766d69-7ff651766d8c call 7ff65175b7d8 GetTimeZoneInformation 1350->1356 1371 7ff651766d92-7ff651766db3 1356->1371 1372 7ff651766e54-7ff651766e7e call 7ff651766410 call 7ff651766400 call 7ff651766408 1356->1372 1360 7ff651766f35-7ff651766f48 call 7ff65175e48c 1357->1360 1361 7ff651766f00 1357->1361 1359 7ff651766f8b-7ff651766f8e 1358->1359 1363 7ff651766f03 1359->1363 1364 7ff651766f94-7ff651766f9c call 7ff651766a90 1359->1364 1376 7ff651766f4a 1360->1376 1377 7ff651766f53-7ff651766f6e call 7ff651762408 1360->1377 1361->1363 1367 7ff651766f08-7ff651766f34 call 7ff65175b7d8 call 7ff65174d3e0 1363->1367 1368 7ff651766f03 call 7ff651766d0c 1363->1368 1364->1367 1368->1367 1378 7ff651766db5-7ff651766dbb 1371->1378 1379 7ff651766dbe-7ff651766dc5 1371->1379 1384 7ff651766f4c-7ff651766f51 call 7ff65175b7d8 1376->1384 1392 7ff651766f75-7ff651766f87 call 7ff65175b7d8 1377->1392 1393 7ff651766f70-7ff651766f73 1377->1393 1378->1379 1380 7ff651766dc7-7ff651766dcf 1379->1380 1381 7ff651766dd9 1379->1381 1380->1381 1386 7ff651766dd1-7ff651766dd7 1380->1386 1388 7ff651766ddb-7ff651766e4f call 7ff65176b360 * 4 call 7ff6517639ec call 7ff651766fa4 * 2 1381->1388 1384->1361 1386->1388 1388->1372 1392->1359 1393->1384
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • _get_daylight.LIBCMT ref: 00007FF651766D3A
                                                                                                                                                                                                        • Part of subcall function 00007FF651766488: _invalid_parameter_noinfo.LIBCMT ref: 00007FF65176649C
                                                                                                                                                                                                      • _get_daylight.LIBCMT ref: 00007FF651766D4B
                                                                                                                                                                                                        • Part of subcall function 00007FF651766428: _invalid_parameter_noinfo.LIBCMT ref: 00007FF65176643C
                                                                                                                                                                                                      • _get_daylight.LIBCMT ref: 00007FF651766D5C
                                                                                                                                                                                                        • Part of subcall function 00007FF651766458: _invalid_parameter_noinfo.LIBCMT ref: 00007FF65176646C
                                                                                                                                                                                                        • Part of subcall function 00007FF65175B7D8: RtlFreeHeap.NTDLL(?,?,?,00007FF651763BB2,?,?,?,00007FF651763BEF,?,?,00000000,00007FF6517640B5,?,?,?,00007FF651763FE7), ref: 00007FF65175B7EE
                                                                                                                                                                                                        • Part of subcall function 00007FF65175B7D8: GetLastError.KERNEL32(?,?,?,00007FF651763BB2,?,?,?,00007FF651763BEF,?,?,00000000,00007FF6517640B5,?,?,?,00007FF651763FE7), ref: 00007FF65175B7F8
                                                                                                                                                                                                      • GetTimeZoneInformation.KERNELBASE(?,?,?,?,?,?,?,?,?,00000000,?,00007FF651766F9C), ref: 00007FF651766D83
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _get_daylight_invalid_parameter_noinfo$ErrorFreeHeapInformationLastTimeZone
                                                                                                                                                                                                      • String ID: Eastern Standard Time$Eastern Summer Time
                                                                                                                                                                                                      • API String ID: 3458911817-239921721
                                                                                                                                                                                                      • Opcode ID: dabf741a0b193159167fa0596149a88e91fee73d59200496ba2be6138591c043
                                                                                                                                                                                                      • Instruction ID: 35a55fae122c13df703ac97ad710f7df7ec335f6411592c35dc101d60e625cbb
                                                                                                                                                                                                      • Opcode Fuzzy Hash: dabf741a0b193159167fa0596149a88e91fee73d59200496ba2be6138591c043
                                                                                                                                                                                                      • Instruction Fuzzy Hash: BB519E32A1864696E710EF29D8811B967A1FB48784F884136FA4EE3A9FDF3CE540C744
                                                                                                                                                                                                      Function 00007FF65174B304 Relevance: 4.1, Strings: 3, Instructions: 398COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID: $header crc mismatch$unknown header flags set
                                                                                                                                                                                                      • API String ID: 0-1127688429
                                                                                                                                                                                                      • Opcode ID: 650c4c5133d35c3a4a76e12775ff643f635e1cb0ad74413b6fbdfe1592178e9a
                                                                                                                                                                                                      • Instruction ID: d90f8e711cd1280023e8ca06f08d97c27834fa8a704dfa4673d1bacd03d33633
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 650c4c5133d35c3a4a76e12775ff643f635e1cb0ad74413b6fbdfe1592178e9a
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 85F19362A183D58BE7958F1980C8B3E7AADEF45740F094538DA89A739ACFB9D940C740
                                                                                                                                                                                                      Function 00007FF65174A110 Relevance: 3.0, APIs: 2, Instructions: 29COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Find$CloseFileFirst
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2295610775-0
                                                                                                                                                                                                      • Opcode ID: b115aaa5e8937644bfb662755a1459c59560f1bb963ed3fb365ba1dcea5c7f5a
                                                                                                                                                                                                      • Instruction ID: 3d1769bc36c18fdc691beec13cc004d2a500cbf1887d972a2311f302d3b5f123
                                                                                                                                                                                                      • Opcode Fuzzy Hash: b115aaa5e8937644bfb662755a1459c59560f1bb963ed3fb365ba1dcea5c7f5a
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 36F0C826A19642C7F7608B68F48836673A0EB44364F081335DABE92AE9CF7CD449CA00
                                                                                                                                                                                                      Function 00007FF65174B16B Relevance: 2.7, Strings: 2, Instructions: 216COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID: incorrect header check$invalid window size
                                                                                                                                                                                                      • API String ID: 0-900081337
                                                                                                                                                                                                      • Opcode ID: 61af65ccc776c84da84267326c2754b3a1bcae24ed69bb063b52a93d8705262f
                                                                                                                                                                                                      • Instruction ID: 4bf98e3d332755abf39b06e7ee423f94cdc9e834fa502ac1c71c6591ac515d7d
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 61af65ccc776c84da84267326c2754b3a1bcae24ed69bb063b52a93d8705262f
                                                                                                                                                                                                      • Instruction Fuzzy Hash: D391B772A087C587F7A58F1CC488B3E3AADFB44350F094539DA8AA7685CF79E940CB40
                                                                                                                                                                                                      Function 00007FF651741950 Relevance: 29.9, APIs: 2, Strings: 15, Instructions: 199COMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                      control_flow_graph 418 7ff651741950-7ff65174199d call 7ff651742770 call 7ff651744c50 423 7ff65174199f-7ff6517419b0 call 7ff651742770 418->423 424 7ff6517419b5-7ff6517419f5 call 7ff6517488f0 418->424 429 7ff651741c8e-7ff651741cb2 call 7ff65174d3e0 423->429 430 7ff651741a08-7ff651741a27 call 7ff651742770 call 7ff651751564 424->430 431 7ff6517419f7-7ff651741a03 call 7ff651742770 424->431 442 7ff651741a29-7ff651741a43 call 7ff651755d98 call 7ff651742b70 430->442 443 7ff651741a48-7ff651741a64 call 7ff65175122c 430->443 438 7ff651741c7b-7ff651741c7e call 7ff651750edc 431->438 444 7ff651741c83-7ff651741c8b 438->444 442->438 450 7ff651741a66-7ff651741a80 call 7ff651755d98 call 7ff651742b70 443->450 451 7ff651741a85-7ff651741a9a call 7ff651755db8 443->451 444->429 450->438 458 7ff651741a9c-7ff651741ab6 call 7ff651755d98 call 7ff651742b70 451->458 459 7ff651741abb-7ff651741b45 call 7ff651741cc0 * 2 call 7ff651751564 call 7ff651755dd4 451->459 458->438 472 7ff651741b4a-7ff651741b54 459->472 473 7ff651741b56-7ff651741b70 call 7ff651755d98 call 7ff651742b70 472->473 474 7ff651741b75-7ff651741b8e call 7ff65175122c 472->474 473->438 480 7ff651741b90-7ff651741baa call 7ff651755d98 call 7ff651742b70 474->480 481 7ff651741baf-7ff651741bcb call 7ff651750fa0 474->481 480->438 488 7ff651741bcd-7ff651741bd9 call 7ff651742960 481->488 489 7ff651741bde-7ff651741bec 481->489 488->438 489->438 492 7ff651741bf2-7ff651741bf9 489->492 494 7ff651741c01-7ff651741c07 492->494 495 7ff651741c09-7ff651741c16 494->495 496 7ff651741c20-7ff651741c2f 494->496 497 7ff651741c31-7ff651741c3a 495->497 496->496 496->497 498 7ff651741c3c-7ff651741c3f 497->498 499 7ff651741c4f 497->499 498->499 501 7ff651741c41-7ff651741c44 498->501 500 7ff651741c51-7ff651741c64 499->500 503 7ff651741c66 500->503 504 7ff651741c6d-7ff651741c79 500->504 501->499 502 7ff651741c46-7ff651741c49 501->502 502->499 505 7ff651741c4b-7ff651741c4d 502->505 503->504 504->438 504->494 505->500
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DebugOutputString
                                                                                                                                                                                                      • String ID: Could not allocate buffer for TOC!$Could not allocate memory for archive structure!$Could not read full TOC!$Error on file.$Failed to read cookie!$Failed to seek to cookie position!$LOADER: attempting to open archive %s$LOADER: cannot find cookie!$LOADER: cannot open archive: %s$LOADER: cookie found at offset 0x%llX$MEI$calloc$fread$fseek$malloc
                                                                                                                                                                                                      • API String ID: 1166629820-2612702325
                                                                                                                                                                                                      • Opcode ID: 02c9df35ad3dfec0aee9857e1a8001653838ba09bf47db6e97d19d0976359cf4
                                                                                                                                                                                                      • Instruction ID: ab5f9cea90fb6fc173e7edca42b47cbb08ab1847b97952916f91916874d57835
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 02c9df35ad3dfec0aee9857e1a8001653838ba09bf47db6e97d19d0976359cf4
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 88917F31A0868686EB10EB2CE4542F933A1EF88784F484432D98EE779FDEBCF5458744
                                                                                                                                                                                                      Function 00007FF651743970 Relevance: 28.1, APIs: 2, Strings: 14, Instructions: 106windowCOMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      APIs
                                                                                                                                                                                                        • Part of subcall function 00007FF651742770: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF651743CB6), ref: 00007FF651742847
                                                                                                                                                                                                      • PostMessageW.USER32 ref: 00007FF6517439E0
                                                                                                                                                                                                      • GetMessageW.USER32 ref: 00007FF6517439F3
                                                                                                                                                                                                        • Part of subcall function 00007FF651742770: OutputDebugStringA.KERNEL32(?,?,?,?,?,00007FF651743CB6), ref: 00007FF651742854
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DebugMessageOutputString$Post
                                                                                                                                                                                                      • String ID: Failed to remove temporary directory: %s$LOADER: child process exited (return code: %d)$LOADER: end of process reached!$LOADER: extracting files to temporary directory...$LOADER: failed to extract files!$LOADER: failed to remove temporary directory - attempting to mitigate the situation...$LOADER: mitigation failed!$LOADER: mitigation succeeded.$LOADER: performing cleanup...$LOADER: removing temporary directory: %s$LOADER: setting _PYI_APPLICATION_HOME_DIR to %s$LOADER: starting the child process...$LOADER: temporary directory %s was successfully removed.$_PYI_APPLICATION_HOME_DIR
                                                                                                                                                                                                      • API String ID: 3280635411-4248730274
                                                                                                                                                                                                      • Opcode ID: df68bac6784b3433d8bdce7bf5bd2d3b2ba225da832c2ecd46edd95e8b927d01
                                                                                                                                                                                                      • Instruction ID: 6e237fda0e9ac47219cfea90c58f691984b048c7b0745c2af5ec1e8a45bdbe08
                                                                                                                                                                                                      • Opcode Fuzzy Hash: df68bac6784b3433d8bdce7bf5bd2d3b2ba225da832c2ecd46edd95e8b927d01
                                                                                                                                                                                                      • Instruction Fuzzy Hash: F4416C29E1865790FB01FB3DE8511BA2251AF94784F4C0131EA8DE62AFEE6CE654C740
                                                                                                                                                                                                      Function 00007FF651741600 Relevance: 22.9, APIs: 1, Strings: 12, Instructions: 145COMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                      control_flow_graph 565 7ff651741600-7ff651741611 566 7ff651741637-7ff651741651 call 7ff651744c50 565->566 567 7ff651741613-7ff65174161c call 7ff651741050 565->567 574 7ff651741653-7ff651741681 call 7ff651755d98 call 7ff651742b70 566->574 575 7ff651741682-7ff65174169c call 7ff651744c50 566->575 572 7ff65174162e-7ff651741636 567->572 573 7ff65174161e-7ff651741629 call 7ff651742960 567->573 573->572 581 7ff6517416b8-7ff6517416cf call 7ff651751564 575->581 582 7ff65174169e-7ff6517416b3 call 7ff651742960 575->582 590 7ff6517416f9-7ff6517416fd 581->590 591 7ff6517416d1-7ff6517416f4 call 7ff651755d98 call 7ff651742b70 581->591 589 7ff651741821-7ff651741824 call 7ff651750edc 582->589 598 7ff651741829-7ff65174183b 589->598 594 7ff651741717-7ff651741737 call 7ff651755dd4 590->594 595 7ff6517416ff-7ff65174170b call 7ff651741210 590->595 603 7ff651741819-7ff65174181c call 7ff651750edc 591->603 604 7ff651741739-7ff65174175c call 7ff651755d98 call 7ff651742b70 594->604 605 7ff651741761-7ff65174176c 594->605 600 7ff651741710-7ff651741712 595->600 600->603 603->589 617 7ff65174180f-7ff651741814 604->617 609 7ff651741802-7ff65174180a call 7ff651755dc0 605->609 610 7ff651741772-7ff651741777 605->610 609->617 612 7ff651741780-7ff6517417a2 call 7ff65175122c 610->612 620 7ff6517417da-7ff6517417e6 call 7ff651755d98 612->620 621 7ff6517417a4-7ff6517417bc call 7ff65175196c 612->621 617->603 628 7ff6517417ed-7ff6517417f8 call 7ff651742b70 620->628 626 7ff6517417be-7ff6517417c1 621->626 627 7ff6517417c5-7ff6517417d8 call 7ff651755d98 621->627 626->612 629 7ff6517417c3 626->629 627->628 632 7ff6517417fd 628->632 629->632 632->609
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentProcess
                                                                                                                                                                                                      • String ID: Failed to create symbolic link %s!$Failed to extract %s: failed to allocate temporary buffer!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to open target file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$Failed to extract %s: failed to write data chunk!$fopen$fread$fseek$fwrite$malloc
                                                                                                                                                                                                      • API String ID: 2050909247-1550345328
                                                                                                                                                                                                      • Opcode ID: 80f51d7711c3661c853c51745a5a9e9f8271571cb0aaf03fe45494e94d843a24
                                                                                                                                                                                                      • Instruction ID: f25ee42d3e8d43f39b823c668a48af59e67502efb865b32d56f211c1098617f1
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 80f51d7711c3661c853c51745a5a9e9f8271571cb0aaf03fe45494e94d843a24
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 36518121B08A4792EB10EB69A4501B923A0BF44BA4F4C4532ED9DE779FEF7CF5558700
                                                                                                                                                                                                      Function 00007FF651749450 Relevance: 17.6, APIs: 3, Strings: 7, Instructions: 121COMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetTempPathW.KERNEL32(?,?,00000000,00007FF651744223), ref: 00007FF651749500
                                                                                                                                                                                                      • GetCurrentProcessId.KERNEL32(?,00000000,00007FF651744223), ref: 00007FF651749517
                                                                                                                                                                                                      • CreateDirectoryW.KERNELBASE(?,00000000,00007FF651744223), ref: 00007FF65174955C
                                                                                                                                                                                                        • Part of subcall function 00007FF651749640: GetEnvironmentVariableW.KERNEL32(00007FF651743D93), ref: 00007FF651749677
                                                                                                                                                                                                        • Part of subcall function 00007FF651749640: ExpandEnvironmentStringsW.KERNEL32 ref: 00007FF651749699
                                                                                                                                                                                                        • Part of subcall function 00007FF6517590C8: _invalid_parameter_noinfo.LIBCMT ref: 00007FF6517590E1
                                                                                                                                                                                                        • Part of subcall function 00007FF651742A60: GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF651743C41,?,00007FF651743CC2), ref: 00007FF651742AB0
                                                                                                                                                                                                        • Part of subcall function 00007FF651742A60: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF651743C41), ref: 00007FF651742B25
                                                                                                                                                                                                        • Part of subcall function 00007FF651742A60: MessageBoxW.USER32 ref: 00007FF651742B45
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentEnvironmentProcess$CreateDebugDirectoryExpandMessageOutputPathStringStringsTempVariable_invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID: LOADER: attempting to create temporary application directory under %ls$LOADER: failed to set the TMP environment variable.$LOADER: length of teporary directory path exceeds maximum path length!$LOADER: successfully resolved the specified runtime-tmpdir$TMP$TMP$_MEI%d
                                                                                                                                                                                                      • API String ID: 1643647955-3213535515
                                                                                                                                                                                                      • Opcode ID: c606627df3820bb8403899c8b79fcdb97f6df4ec429bdefd0d791db7f7384280
                                                                                                                                                                                                      • Instruction ID: 263d831ba7d1586d26f83a0c9394d469e087747892aa72541ce94079eaa318d2
                                                                                                                                                                                                      • Opcode Fuzzy Hash: c606627df3820bb8403899c8b79fcdb97f6df4ec429bdefd0d791db7f7384280
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 0C518D22A0D64381FB10AB2DA8952FE5251AF89780F984031ED8EE76DFEE7CE545C740
                                                                                                                                                                                                      Function 00007FF651743B40 Relevance: 14.1, APIs: 2, Strings: 6, Instructions: 66COMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetModuleFileNameW.KERNEL32(?,00007FF651743CC2), ref: 00007FF651743B71
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,00007FF651743CC2), ref: 00007FF651743B7B
                                                                                                                                                                                                        • Part of subcall function 00007FF651742EC0: GetCurrentProcessId.KERNEL32(?,?,?,?,?,?,?,?,00007FF651743B96,?,00007FF651743CC2), ref: 00007FF651742F0E
                                                                                                                                                                                                        • Part of subcall function 00007FF651742EC0: FormatMessageW.KERNEL32(?,?,?,?,?,?,?,?,00007FF651743B96,?,00007FF651743CC2), ref: 00007FF651742FD3
                                                                                                                                                                                                        • Part of subcall function 00007FF651742EC0: OutputDebugStringW.KERNEL32(?,?,?,?,?,?,?,00007FF651743B96,?,00007FF651743CC2), ref: 00007FF651742FF4
                                                                                                                                                                                                        • Part of subcall function 00007FF651742EC0: MessageBoxW.USER32 ref: 00007FF651743014
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Message$CurrentDebugErrorFileFormatLastModuleNameOutputProcessString
                                                                                                                                                                                                      • String ID: Failed to convert executable path to UTF-8.$Failed to obtain executable path.$Failed to resolve full path to executable %ls.$GetModuleFileNameW$LOADER: executable file %ls is a symbolic link - resolving...$\\?\
                                                                                                                                                                                                      • API String ID: 1136975792-3595768550
                                                                                                                                                                                                      • Opcode ID: ab5fff048a2e73f7a03f5fff30499c8b86eb4a2326ad181048950ccdb532db7e
                                                                                                                                                                                                      • Instruction ID: 759c783d5b66758d54ea41bd796b4dd84476865b2de10e960ec2e3b0214939cc
                                                                                                                                                                                                      • Opcode Fuzzy Hash: ab5fff048a2e73f7a03f5fff30499c8b86eb4a2326ad181048950ccdb532db7e
                                                                                                                                                                                                      • Instruction Fuzzy Hash: C8317521B1C55291FB61972DE8553B92251FF58384F880132E9DEE25DFEFACE604C704
                                                                                                                                                                                                      Function 00007FF651741210 Relevance: 12.4, APIs: 1, Strings: 6, Instructions: 158COMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                      control_flow_graph 981 7ff651741210-7ff65174126d call 7ff65174cc10 984 7ff651741297-7ff6517412af call 7ff651755dd4 981->984 985 7ff65174126f-7ff651741296 call 7ff651742960 981->985 990 7ff6517412b1-7ff6517412cf call 7ff651755d98 call 7ff651742b70 984->990 991 7ff6517412d4-7ff6517412e4 call 7ff651755dd4 984->991 1002 7ff651741439-7ff65174144e call 7ff65174c8f0 call 7ff651755dc0 * 2 990->1002 996 7ff651741309-7ff65174131b 991->996 997 7ff6517412e6-7ff651741304 call 7ff651755d98 call 7ff651742b70 991->997 1000 7ff651741320-7ff651741345 call 7ff65175122c 996->1000 997->1002 1010 7ff65174134b-7ff651741355 call 7ff651750fa0 1000->1010 1011 7ff651741431 1000->1011 1019 7ff651741453-7ff65174146d 1002->1019 1010->1011 1017 7ff65174135b-7ff651741367 1010->1017 1011->1002 1018 7ff651741370-7ff651741398 call 7ff65174b050 1017->1018 1022 7ff651741416-7ff65174142c call 7ff651742960 1018->1022 1023 7ff65174139a-7ff65174139d 1018->1023 1022->1011 1024 7ff651741411 1023->1024 1025 7ff65174139f-7ff6517413a9 1023->1025 1024->1022 1027 7ff6517413ab-7ff6517413b9 call 7ff65175196c 1025->1027 1028 7ff6517413d4-7ff6517413d7 1025->1028 1033 7ff6517413be-7ff6517413c1 1027->1033 1030 7ff6517413d9-7ff6517413e7 call 7ff65176acc0 1028->1030 1031 7ff6517413ea-7ff6517413ef 1028->1031 1030->1031 1031->1018 1032 7ff6517413f5-7ff6517413f8 1031->1032 1035 7ff65174140c-7ff65174140f 1032->1035 1036 7ff6517413fa-7ff6517413fd 1032->1036 1037 7ff6517413cf-7ff6517413d2 1033->1037 1038 7ff6517413c3-7ff6517413cd call 7ff651750fa0 1033->1038 1035->1011 1036->1022 1040 7ff6517413ff-7ff651741407 1036->1040 1037->1022 1038->1031 1038->1037 1040->1000
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentProcess
                                                                                                                                                                                                      • String ID: 1.3.1$Failed to extract %s: decompression resulted in return code %d!$Failed to extract %s: failed to allocate temporary input buffer!$Failed to extract %s: failed to allocate temporary output buffer!$Failed to extract %s: inflateInit() failed with return code %d!$malloc
                                                                                                                                                                                                      • API String ID: 2050909247-2813020118
                                                                                                                                                                                                      • Opcode ID: c4067a1d0776e77692ea075cf0e036256fd1b3446e74865e1dc8348c8b4adeb5
                                                                                                                                                                                                      • Instruction ID: 8e397e356f98320dc4b05d9ae4ae92af8fe08c282ed519b87bd3cfe2fb9dec68
                                                                                                                                                                                                      • Opcode Fuzzy Hash: c4067a1d0776e77692ea075cf0e036256fd1b3446e74865e1dc8348c8b4adeb5
                                                                                                                                                                                                      • Instruction Fuzzy Hash: D551A022A0868282E760AB19E4403BA6290FF85794F5C4535EE8DE7B8FEF7CE445C700
                                                                                                                                                                                                      Function 00007FF65175FBA0 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 117libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                      control_flow_graph 1043 7ff65175fba0-7ff65175fbf2 1044 7ff65175fbf8-7ff65175fbfb 1043->1044 1045 7ff65175fce3 1043->1045 1046 7ff65175fbfd-7ff65175fc00 1044->1046 1047 7ff65175fc05-7ff65175fc08 1044->1047 1048 7ff65175fce5-7ff65175fd01 1045->1048 1046->1048 1049 7ff65175fcc8-7ff65175fcdb 1047->1049 1050 7ff65175fc0e-7ff65175fc1d 1047->1050 1049->1045 1051 7ff65175fc2d-7ff65175fc4c LoadLibraryExW 1050->1051 1052 7ff65175fc1f-7ff65175fc22 1050->1052 1053 7ff65175fd02-7ff65175fd17 1051->1053 1054 7ff65175fc52-7ff65175fc5b GetLastError 1051->1054 1055 7ff65175fc28 1052->1055 1056 7ff65175fd22-7ff65175fd31 GetProcAddress 1052->1056 1053->1056 1057 7ff65175fd19-7ff65175fd1c FreeLibrary 1053->1057 1059 7ff65175fc5d-7ff65175fc74 call 7ff651756098 1054->1059 1060 7ff65175fca2-7ff65175fcac 1054->1060 1058 7ff65175fcb4-7ff65175fcbb 1055->1058 1061 7ff65175fd33-7ff65175fd5a 1056->1061 1062 7ff65175fcc1 1056->1062 1057->1056 1058->1050 1058->1062 1059->1060 1065 7ff65175fc76-7ff65175fc8a call 7ff651756098 1059->1065 1060->1058 1061->1048 1062->1049 1065->1060 1068 7ff65175fc8c-7ff65175fca0 LoadLibraryExW 1065->1068 1068->1053 1068->1060
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • FreeLibrary.KERNEL32(?,?,?,00007FF65175FF3A,?,?,-00000018,00007FF65175BBE3,?,?,?,00007FF65175BADA,?,?,?,00007FF651756DCE), ref: 00007FF65175FD1C
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,?,?,00007FF65175FF3A,?,?,-00000018,00007FF65175BBE3,?,?,?,00007FF65175BADA,?,?,?,00007FF651756DCE), ref: 00007FF65175FD28
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: AddressFreeLibraryProc
                                                                                                                                                                                                      • String ID: api-ms-$ext-ms-
                                                                                                                                                                                                      • API String ID: 3013587201-537541572
                                                                                                                                                                                                      • Opcode ID: 2cf8426f931154c99cb9ee01236de544aa4ff3b33c516dcf84111848d41d3d11
                                                                                                                                                                                                      • Instruction ID: 95dd6b6882642e6bbf1a4bfe7e51d1731b1b8048c982fd84ef43b323e0a505a3
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 2cf8426f931154c99cb9ee01236de544aa4ff3b33c516dcf84111848d41d3d11
                                                                                                                                                                                                      • Instruction Fuzzy Hash: D941D361B19A0282FB16CB1EAC006B62395BF45B90F4E4535DD6EE778EEE3DE445C304
                                                                                                                                                                                                      Function 00007FF65175C8EC Relevance: 10.8, APIs: 7, Instructions: 290COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                      control_flow_graph 1224 7ff65175c8ec-7ff65175c912 1225 7ff65175c92d-7ff65175c931 1224->1225 1226 7ff65175c914-7ff65175c928 call 7ff651755d78 call 7ff651755d98 1224->1226 1228 7ff65175cd07-7ff65175cd13 call 7ff651755d78 call 7ff651755d98 1225->1228 1229 7ff65175c937-7ff65175c93e 1225->1229 1242 7ff65175cd1e 1226->1242 1248 7ff65175cd19 call 7ff65175b770 1228->1248 1229->1228 1231 7ff65175c944-7ff65175c972 1229->1231 1231->1228 1234 7ff65175c978-7ff65175c97f 1231->1234 1237 7ff65175c998-7ff65175c99b 1234->1237 1238 7ff65175c981-7ff65175c993 call 7ff651755d78 call 7ff651755d98 1234->1238 1240 7ff65175cd03-7ff65175cd05 1237->1240 1241 7ff65175c9a1-7ff65175c9a7 1237->1241 1238->1248 1245 7ff65175cd21-7ff65175cd38 1240->1245 1241->1240 1246 7ff65175c9ad-7ff65175c9b0 1241->1246 1242->1245 1246->1238 1249 7ff65175c9b2-7ff65175c9d7 1246->1249 1248->1242 1252 7ff65175ca0a-7ff65175ca11 1249->1252 1253 7ff65175c9d9-7ff65175c9db 1249->1253 1257 7ff65175c9e6-7ff65175c9fd call 7ff651755d78 call 7ff651755d98 call 7ff65175b770 1252->1257 1258 7ff65175ca13-7ff65175ca3b call 7ff65175e48c call 7ff65175b7d8 * 2 1252->1258 1255 7ff65175c9dd-7ff65175c9e4 1253->1255 1256 7ff65175ca02-7ff65175ca08 1253->1256 1255->1256 1255->1257 1260 7ff65175ca88-7ff65175ca9f 1256->1260 1289 7ff65175cb90 1257->1289 1285 7ff65175ca3d-7ff65175ca53 call 7ff651755d98 call 7ff651755d78 1258->1285 1286 7ff65175ca58-7ff65175ca83 call 7ff65175d114 1258->1286 1264 7ff65175cb1a-7ff65175cb24 call 7ff6517647ac 1260->1264 1265 7ff65175caa1-7ff65175caa9 1260->1265 1277 7ff65175cb2a-7ff65175cb3f 1264->1277 1278 7ff65175cbae 1264->1278 1265->1264 1269 7ff65175caab-7ff65175caad 1265->1269 1269->1264 1270 7ff65175caaf-7ff65175cac5 1269->1270 1270->1264 1274 7ff65175cac7-7ff65175cad3 1270->1274 1274->1264 1279 7ff65175cad5-7ff65175cad7 1274->1279 1277->1278 1283 7ff65175cb41-7ff65175cb53 GetConsoleMode 1277->1283 1281 7ff65175cbb3-7ff65175cbd3 ReadFile 1278->1281 1279->1264 1284 7ff65175cad9-7ff65175caf1 1279->1284 1287 7ff65175cccd-7ff65175ccd6 GetLastError 1281->1287 1288 7ff65175cbd9-7ff65175cbe1 1281->1288 1283->1278 1290 7ff65175cb55-7ff65175cb5d 1283->1290 1284->1264 1294 7ff65175caf3-7ff65175caff 1284->1294 1285->1289 1286->1260 1291 7ff65175ccd8-7ff65175ccee call 7ff651755d98 call 7ff651755d78 1287->1291 1292 7ff65175ccf3-7ff65175ccf6 1287->1292 1288->1287 1296 7ff65175cbe7 1288->1296 1293 7ff65175cb93-7ff65175cb9d call 7ff65175b7d8 1289->1293 1290->1281 1298 7ff65175cb5f-7ff65175cb81 ReadConsoleW 1290->1298 1291->1289 1302 7ff65175ccfc-7ff65175ccfe 1292->1302 1303 7ff65175cb89-7ff65175cb8b call 7ff651755d0c 1292->1303 1293->1245 1294->1264 1301 7ff65175cb01-7ff65175cb03 1294->1301 1305 7ff65175cbee-7ff65175cc03 1296->1305 1307 7ff65175cb83 GetLastError 1298->1307 1308 7ff65175cba2-7ff65175cbac 1298->1308 1301->1264 1312 7ff65175cb05-7ff65175cb15 1301->1312 1302->1293 1303->1289 1305->1293 1314 7ff65175cc05-7ff65175cc10 1305->1314 1307->1303 1308->1305 1312->1264 1317 7ff65175cc37-7ff65175cc3f 1314->1317 1318 7ff65175cc12-7ff65175cc2b call 7ff65175c504 1314->1318 1319 7ff65175ccbb-7ff65175ccc8 call 7ff65175c344 1317->1319 1320 7ff65175cc41-7ff65175cc53 1317->1320 1326 7ff65175cc30-7ff65175cc32 1318->1326 1319->1326 1323 7ff65175cc55 1320->1323 1324 7ff65175ccae-7ff65175ccb6 1320->1324 1327 7ff65175cc5a-7ff65175cc61 1323->1327 1324->1293 1326->1293 1329 7ff65175cc9d-7ff65175cca8 1327->1329 1330 7ff65175cc63-7ff65175cc67 1327->1330 1329->1324 1331 7ff65175cc69-7ff65175cc70 1330->1331 1332 7ff65175cc83 1330->1332 1331->1332 1333 7ff65175cc72-7ff65175cc76 1331->1333 1334 7ff65175cc89-7ff65175cc99 1332->1334 1333->1332 1335 7ff65175cc78-7ff65175cc81 1333->1335 1334->1327 1336 7ff65175cc9b 1334->1336 1335->1334 1336->1324
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3215553584-0
                                                                                                                                                                                                      • Opcode ID: c6d04fa6b1df836cb2c5704bdd07afeace38946f404313200361d7a3cb124643
                                                                                                                                                                                                      • Instruction ID: d65e080deb78bdacdb93c8e2ae4261ae1abd16cb24f61b9817e3c15549b8e9d9
                                                                                                                                                                                                      • Opcode Fuzzy Hash: c6d04fa6b1df836cb2c5704bdd07afeace38946f404313200361d7a3cb124643
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 54C1C222A0D78653E7608B1994443BD7BA9EB81B80F5E4931DA4EA379BDF7CE8458340
                                                                                                                                                                                                      Function 00007FF6517488F0 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 101COMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DebugOutputString
                                                                                                                                                                                                      • String ID: LOADER: failed to allocate read buffer (%d bytes)!$LOADER: failed to read chunk (%zd bytes)!$LOADER: failed to seek to the end of the file!$LOADER: failed to seek to the offset 0x%llX!$LOADER: file is too short to contain magic pattern!
                                                                                                                                                                                                      • API String ID: 1166629820-3243231480
                                                                                                                                                                                                      • Opcode ID: 30dc7d09c1a7b9a595ac899a2b6a0d8bcbb2e6bacebd62800badf9eb33942831
                                                                                                                                                                                                      • Instruction ID: 34979f0c843810f13b2b4563f8476f8d384a720747b9706fa7c2b146aeb1bdd0
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 30dc7d09c1a7b9a595ac899a2b6a0d8bcbb2e6bacebd62800badf9eb33942831
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 10318E11B5C65A42FB10ABAAA8143BA5251BF45BC4F8C1431DD8EE7B8FDEBCF5468300
                                                                                                                                                                                                      Function 00007FF651749E70 Relevance: 10.6, APIs: 2, Strings: 5, Instructions: 67COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                        • Part of subcall function 00007FF651749360: GetCurrentProcess.KERNEL32 ref: 00007FF651749380
                                                                                                                                                                                                        • Part of subcall function 00007FF651749360: OpenProcessToken.ADVAPI32 ref: 00007FF651749393
                                                                                                                                                                                                        • Part of subcall function 00007FF651749360: GetTokenInformation.KERNELBASE ref: 00007FF6517493B8
                                                                                                                                                                                                        • Part of subcall function 00007FF651749360: GetLastError.KERNEL32 ref: 00007FF6517493C2
                                                                                                                                                                                                        • Part of subcall function 00007FF651749360: GetTokenInformation.KERNELBASE ref: 00007FF651749402
                                                                                                                                                                                                        • Part of subcall function 00007FF651749360: ConvertSidToStringSidW.ADVAPI32 ref: 00007FF65174941E
                                                                                                                                                                                                        • Part of subcall function 00007FF651749360: CloseHandle.KERNELBASE ref: 00007FF651749436
                                                                                                                                                                                                      • LocalFree.KERNEL32(?,00007FF6517441E6), ref: 00007FF651749EFC
                                                                                                                                                                                                      • LocalFree.KERNEL32(?,00007FF6517441E6), ref: 00007FF651749F05
                                                                                                                                                                                                        • Part of subcall function 00007FF651742880: GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF651743BC3,?,00007FF651743CC2), ref: 00007FF6517428CE
                                                                                                                                                                                                        • Part of subcall function 00007FF651742880: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF651743BC3,?,00007FF651743CC2), ref: 00007FF651742938
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ProcessToken$CurrentFreeInformationLocalString$CloseConvertDebugErrorHandleLastOpenOutput
                                                                                                                                                                                                      • String ID: D:(A;;FA;;;%s)$D:(A;;FA;;;%s)(A;;FA;;;%s)$LOADER: initializing security descriptor from string: %ls$S-1-3-4$Security descriptor string length exceeds PYI_PATH_MAX!
                                                                                                                                                                                                      • API String ID: 269996328-3724802649
                                                                                                                                                                                                      • Opcode ID: 0fb635d01a0a8578cdc0ce425cbf87334b191a391a82d46fed871a4991161a20
                                                                                                                                                                                                      • Instruction ID: 45d170562751cc29e22c8d8efa959e9707e2d6fd10c09f2b505c6e24d818617e
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 0fb635d01a0a8578cdc0ce425cbf87334b191a391a82d46fed871a4991161a20
                                                                                                                                                                                                      • Instruction Fuzzy Hash: FB314121A0874291FB109B18E4152FA6365FF88780F884032EA8EE379FDF7CD945C740
                                                                                                                                                                                                      Function 00007FF651749360 Relevance: 10.6, APIs: 7, Instructions: 63COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Token$InformationProcess$CloseConvertCurrentErrorHandleLastOpenString
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 995526605-0
                                                                                                                                                                                                      • Opcode ID: 24eb610123184a592acb1726fee7a2c6cfb3255145f74ec145e7977f7f63bc8d
                                                                                                                                                                                                      • Instruction ID: c9c65ca73a524a57317eae385ff54a6120eaae65356ef4b4fc8dd1747f6b11fe
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 24eb610123184a592acb1726fee7a2c6cfb3255145f74ec145e7977f7f63bc8d
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 95213531B0C64282EB509B5DF44427AA3B0FF857A0F580235EAAD93ADEDFBCD4458700
                                                                                                                                                                                                      Function 00007FF651748780 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 81COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • CreateDirectoryW.KERNELBASE(00000000,?,00007FF6517437CC,?,?,00007FF651743991), ref: 00007FF651748892
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CreateDirectory
                                                                                                                                                                                                      • String ID: %.*s$%s%c$\
                                                                                                                                                                                                      • API String ID: 4241100979-1685191245
                                                                                                                                                                                                      • Opcode ID: 0362d3d932d55a93072d3eaec6bdb4c77d688c09dfb31a83021b04a9b47effdc
                                                                                                                                                                                                      • Instruction ID: b5714003590fe314755c1ff431ba1edb9c544ec1bfc9857acc78789b7e786ec2
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 0362d3d932d55a93072d3eaec6bdb4c77d688c09dfb31a83021b04a9b47effdc
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 8E31A921B19AC545FB219B19E8107EA6358EF84BE0F480231EEED97BCEDF6CD6458700
                                                                                                                                                                                                      Function 00007FF651742770 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 66COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DebugOutputString
                                                                                                                                                                                                      • String ID: DEBUG$[PYI-%d:%s]
                                                                                                                                                                                                      • API String ID: 1166629820-1289759194
                                                                                                                                                                                                      • Opcode ID: 748e06c0e0a39e0e8a762c8916ade1a617286f8dc54f73602f705243733eb28d
                                                                                                                                                                                                      • Instruction ID: d9fb707385d4b4970c23c75bc2520a15931667840b757bd2a5b9f411f534c52c
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 748e06c0e0a39e0e8a762c8916ade1a617286f8dc54f73602f705243733eb28d
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 6D219422619B8292E7219B54F8516EA7368FF847C0F440035FACD93A5EEF7CE255C700
                                                                                                                                                                                                      Function 00007FF651742880 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 57COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF651743BC3,?,00007FF651743CC2), ref: 00007FF6517428CE
                                                                                                                                                                                                      • OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF651743BC3,?,00007FF651743CC2), ref: 00007FF651742938
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentDebugOutputProcessString
                                                                                                                                                                                                      • String ID: DEBUG$[PYI-%d:%ls]
                                                                                                                                                                                                      • API String ID: 181776342-790511422
                                                                                                                                                                                                      • Opcode ID: 9895eb34f2e60a8c229c0deb4cba74aa12737b71fc0bdacaf82b9344707514a9
                                                                                                                                                                                                      • Instruction ID: 7e22f158c00062a2fcf9b2d2f84df83ef673d359572449fd12af0d9bf73c5b9f
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 9895eb34f2e60a8c229c0deb4cba74aa12737b71fc0bdacaf82b9344707514a9
                                                                                                                                                                                                      • Instruction Fuzzy Hash: F7118422718B8192E7109B54F8445AA7764FB887C0F440135EACDA3A5EDF7CE255C700
                                                                                                                                                                                                      Function 00007FF65175DDF0 Relevance: 6.2, APIs: 4, Instructions: 218COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetConsoleMode.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF65175DDDB), ref: 00007FF65175DF0C
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF65175DDDB), ref: 00007FF65175DF97
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ConsoleErrorLastMode
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 953036326-0
                                                                                                                                                                                                      • Opcode ID: 166a3c9b3234785f47c0885528a8716e8cc121542d06da8e3a63f31bbb850efd
                                                                                                                                                                                                      • Instruction ID: cb9582063ad919de09e82d939029864f7d272196f6068f7799904e30490cffe5
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 166a3c9b3234785f47c0885528a8716e8cc121542d06da8e3a63f31bbb850efd
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 2D91D526F0865686F7609F2DD4402BD6BA0BB44B88F194139DE4EB7A9EDF3CD582C700
                                                                                                                                                                                                      Function 00007FF65176081C Relevance: 6.2, APIs: 4, Instructions: 162COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _get_daylight$_isindst
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 4170891091-0
                                                                                                                                                                                                      • Opcode ID: 82d75ea4ed38acbe1bdd5a9cb20d7e9acbad6c88499b96c74728dc6f26a76436
                                                                                                                                                                                                      • Instruction ID: 78ffa195e8cf438db2c80147ea5e11c603533c5f456065487c1bfe3c141d6136
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 82d75ea4ed38acbe1bdd5a9cb20d7e9acbad6c88499b96c74728dc6f26a76436
                                                                                                                                                                                                      • Instruction Fuzzy Hash: C051F972F0425A8AFB18DF7CD9556BC2B61BB14398F580235DD1EE2ADADF38A542C700
                                                                                                                                                                                                      Function 00007FF65175660C Relevance: 6.1, APIs: 4, Instructions: 119pipeCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: File$ErrorHandleInformationLastNamedPeekPipeType
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2780335769-0
                                                                                                                                                                                                      • Opcode ID: 4ccfc96ddbfee78b4fd39776d8ebd43501299f8ad26c04ff2c64eaa07cfe321b
                                                                                                                                                                                                      • Instruction ID: dc7a5ab2dc7cde4b94e5106d73731a7ac4b6b0d7c74ce84d482407f36b7211c9
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4ccfc96ddbfee78b4fd39776d8ebd43501299f8ad26c04ff2c64eaa07cfe321b
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 7A517E26E046418AFB10DF79D4503BD27B1AB48B98F194935EE0DA768EEF38D491C704
                                                                                                                                                                                                      Function 00007FF6517564B8 Relevance: 6.1, APIs: 4, Instructions: 90fileCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CloseCreateFileHandle_invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 1279662727-0
                                                                                                                                                                                                      • Opcode ID: 7f92e2874d9a2d9efa93076af0fe33bf5aa9a4a907d9749b036b02d25ac8a779
                                                                                                                                                                                                      • Instruction ID: f16d32365a8149ee6e828075e814cfabf9e0821b752aef5206d683066678cdf4
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 7f92e2874d9a2d9efa93076af0fe33bf5aa9a4a907d9749b036b02d25ac8a779
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 7C41C162D1878283F7508B2495503797360FF947A4F199335E69CA3ADAEF7CA5E08704
                                                                                                                                                                                                      Function 00007FF65174DACC Relevance: 4.6, APIs: 3, Instructions: 94COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: __scrt_acquire_startup_lock__scrt_dllmain_crt_thread_attach__scrt_get_show_window_mode__scrt_release_startup_lock
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3251591375-0
                                                                                                                                                                                                      • Opcode ID: 16d03e73980375e06462375b2106f8ecdc7d8f81dd6b90faf4ae389839a669cc
                                                                                                                                                                                                      • Instruction ID: e8f0823f6fbf4c855ea9501521903fb0e8a4a98f26929ee949405b18a6a8c2ca
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 16d03e73980375e06462375b2106f8ecdc7d8f81dd6b90faf4ae389839a669cc
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 88319E28E0C64386FB20AB6CD4513B922919FA0344F4D4439E9CDF76DFDEACAA44C254
                                                                                                                                                                                                      Function 00007FF65175A8C0 Relevance: 4.5, APIs: 3, Instructions: 14COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Process$CurrentExitTerminate
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 1703294689-0
                                                                                                                                                                                                      • Opcode ID: b76257344a5b50ebda4ee83f8be65098c3a4b9f4f631976851ec82effe05ecc4
                                                                                                                                                                                                      • Instruction ID: ba47d045e18a712abcf8746c78861d490e5d7edc9b95d136e4086f54660b965d
                                                                                                                                                                                                      • Opcode Fuzzy Hash: b76257344a5b50ebda4ee83f8be65098c3a4b9f4f631976851ec82effe05ecc4
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 78D09254B48B4A87FB182BB95C9507822A15F99B41F1D183DC84BB639BDE3CA84A8241
                                                                                                                                                                                                      Function 00007FF651750FCC Relevance: 3.2, APIs: 2, Instructions: 177COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3215553584-0
                                                                                                                                                                                                      • Opcode ID: 96884a4a3539bb240153a1accf893d2f9df282063f616c0c469399cf1f6d866f
                                                                                                                                                                                                      • Instruction ID: 6687eea7eb2d7bf9402647da4925fd34243b1a7988d6727f77c8d7e51a7bd6fe
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 96884a4a3539bb240153a1accf893d2f9df282063f616c0c469399cf1f6d866f
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 1151E661B0928587FB289A2E980067A6691BF45BA5F1E8734DD7CE77CFEF3CD4018601
                                                                                                                                                                                                      Function 00007FF65175CFC4 Relevance: 3.0, APIs: 2, Instructions: 46COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ErrorFileLastPointer
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2976181284-0
                                                                                                                                                                                                      • Opcode ID: 96d2edb60fa6006c921da832751023f9e82c24f7d036db6c415003cfc4d6a9e5
                                                                                                                                                                                                      • Instruction ID: 0fd2684e0fa1c589f8b9de47924f92629c04f347822bcc639224714ef93f96a8
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 96d2edb60fa6006c921da832751023f9e82c24f7d036db6c415003cfc4d6a9e5
                                                                                                                                                                                                      • Instruction Fuzzy Hash: D211C462618A8182DB208B29E4441697361EB44BF4F584331EE7D977EECF7CD1558700
                                                                                                                                                                                                      Function 00007FF6517567B4 Relevance: 3.0, APIs: 2, Instructions: 40timeCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • FileTimeToSystemTime.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF6517566C9), ref: 00007FF6517567E7
                                                                                                                                                                                                      • SystemTimeToTzSpecificLocalTime.KERNELBASE(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF6517566C9), ref: 00007FF6517567FD
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Time$System$FileLocalSpecific
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 1707611234-0
                                                                                                                                                                                                      • Opcode ID: f9abe76fdc066367e9013ed35a99b3db3cf23b21c85352d4f54951d182e3833f
                                                                                                                                                                                                      • Instruction ID: fe212db7176ee11ad1468e4a9ebc4673156cdcfd981c7cf734b0410209eac6f9
                                                                                                                                                                                                      • Opcode Fuzzy Hash: f9abe76fdc066367e9013ed35a99b3db3cf23b21c85352d4f54951d182e3833f
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 7711A072A0C65282EB548F19E80103AB7A0FB84BA1F540236FADED19DDEF7CE114CB00
                                                                                                                                                                                                      Function 00007FF65175B7D8 Relevance: 3.0, APIs: 2, Instructions: 19memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • RtlFreeHeap.NTDLL(?,?,?,00007FF651763BB2,?,?,?,00007FF651763BEF,?,?,00000000,00007FF6517640B5,?,?,?,00007FF651763FE7), ref: 00007FF65175B7EE
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,?,?,00007FF651763BB2,?,?,?,00007FF651763BEF,?,?,00000000,00007FF6517640B5,?,?,?,00007FF651763FE7), ref: 00007FF65175B7F8
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ErrorFreeHeapLast
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 485612231-0
                                                                                                                                                                                                      • Opcode ID: 1b20a3debd526edf3a8c9a5df2e98288861d52d7c4b626b35b8767b378a30627
                                                                                                                                                                                                      • Instruction ID: 312f87eb588e416338f7379346698469bfb2897dd5d66d05baf3b98d3c1a6a08
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1b20a3debd526edf3a8c9a5df2e98288861d52d7c4b626b35b8767b378a30627
                                                                                                                                                                                                      • Instruction Fuzzy Hash: B4E08C11F0920693FF18ABFA98C513822A14F89B41F0D9831C80EF729BDE3CA8858250
                                                                                                                                                                                                      Function 00007FF65175B9E8 Relevance: 2.6, APIs: 2, Instructions: 59COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • CloseHandle.KERNELBASE(?,?,?,00007FF65175B865,?,?,00000000,00007FF65175B91A), ref: 00007FF65175BA56
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,?,?,00007FF65175B865,?,?,00000000,00007FF65175B91A), ref: 00007FF65175BA60
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CloseErrorHandleLast
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 918212764-0
                                                                                                                                                                                                      • Opcode ID: 112934bd90ed67d7ea17ef96cdf701313af9393377a295654a3cf3f6e4ed98fb
                                                                                                                                                                                                      • Instruction ID: e5b4d058a53a081300f11aa851cbb62efb7b3215aa972a06f40eea00d0df741a
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 112934bd90ed67d7ea17ef96cdf701313af9393377a295654a3cf3f6e4ed98fb
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4621AE61F1868243FF50572D94D027922929F85BA5F1E4235EA2EE73DFCE7CE5458300
                                                                                                                                                                                                      Function 00007FF65175CD3C Relevance: 1.6, APIs: 1, Instructions: 112COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3215553584-0
                                                                                                                                                                                                      • Opcode ID: 97bf66591f456fcf87f49a19c390b07f2262942af5ce3e9fca4e94da4f63b224
                                                                                                                                                                                                      • Instruction ID: 5eb40b1262d1ab241cbfff97ae52983635cff213c7586a87a7f9b58205f13d0b
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 97bf66591f456fcf87f49a19c390b07f2262942af5ce3e9fca4e94da4f63b224
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 3B41D032A0964583EB348B2DA58027977A4EF5AF40F190531DA8EE769BCF3CE442C790
                                                                                                                                                                                                      Function 00007FF65175C7CC Relevance: 1.6, APIs: 1, Instructions: 79COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3215553584-0
                                                                                                                                                                                                      • Opcode ID: 80921bc84da075a198c8dc568ab56c815ecc283854dc6cd5fe02cf1a5eab9509
                                                                                                                                                                                                      • Instruction ID: bc8fa3254297e186de6200aeebf758595058541dbc65c20356962f4b9ecf1c3c
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 80921bc84da075a198c8dc568ab56c815ecc283854dc6cd5fe02cf1a5eab9509
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 2F319022E1961297F7116B1D888137C2764AF44BA0F5A0635E92DE33DBCFBCF4828751
                                                                                                                                                                                                      Function 00007FF65175A7F1 Relevance: 1.6, APIs: 1, Instructions: 61COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: HandleModule$AddressFreeLibraryProc
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3947729631-0
                                                                                                                                                                                                      • Opcode ID: 5c87d5e2cdc2aee00809c2c9bd46e42fe3ca8807361521a4afe60ccc332579e8
                                                                                                                                                                                                      • Instruction ID: d03f3164640d74032c043d41867083d51385bbc82e12510fee43bf31ff8fe65a
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 5c87d5e2cdc2aee00809c2c9bd46e42fe3ca8807361521a4afe60ccc332579e8
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 99217F32E04F858AFB658F68C4402FC37A0EB54718F494635D61DA7ADADF38E545CB80
                                                                                                                                                                                                      Function 00007FF651756E24 Relevance: 1.6, APIs: 1, Instructions: 55COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3215553584-0
                                                                                                                                                                                                      • Opcode ID: d0ecc1d4814c8292f6d285d86e9f4332b8d7141ecd04c52723bb65a1ba9d936a
                                                                                                                                                                                                      • Instruction ID: 395daaa41463274c1299a712b9f82f1c02f82cfe0ad424fa98c8a7525546b943
                                                                                                                                                                                                      • Opcode Fuzzy Hash: d0ecc1d4814c8292f6d285d86e9f4332b8d7141ecd04c52723bb65a1ba9d936a
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 47114F22A1C74183EF60AF59D40027DA260AF85B80F4A4831FA4CA7A9FDF3DD590C744
                                                                                                                                                                                                      Function 00007FF6517671E4 Relevance: 1.6, APIs: 1, Instructions: 54COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3215553584-0
                                                                                                                                                                                                      • Opcode ID: 1efe6439c1f0d71c5b97f8069ea4f116aceac123a977d1e365d726560a3bc520
                                                                                                                                                                                                      • Instruction ID: fafd1db2556ae763cf6f8ba92d86dd1815e88a9374e810533e4fe74e65c844ad
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1efe6439c1f0d71c5b97f8069ea4f116aceac123a977d1e365d726560a3bc520
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 1F2183726086868BDB619F2DD44037977B1AB84B94F1C4234EB9D976DEDF3CD8018B00
                                                                                                                                                                                                      Function 00007FF65175124C Relevance: 1.5, APIs: 1, Instructions: 48COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3215553584-0
                                                                                                                                                                                                      • Opcode ID: 8e9754deeba93abb4745aa2efb451e77357aefa8fb0fbddb16feb6c8c90fdd62
                                                                                                                                                                                                      • Instruction ID: 86ea47307582645f681f6e4f772fab9f26b640449141d38118afb840c399eaee
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 8e9754deeba93abb4745aa2efb451e77357aefa8fb0fbddb16feb6c8c90fdd62
                                                                                                                                                                                                      • Instruction Fuzzy Hash: B301A161B0874642EB04AB5A9901179A791BF86FE0F0D4631EE6CA7BDFDF3CD4018300
                                                                                                                                                                                                      Function 00007FF65175FA28 Relevance: 1.3, APIs: 1, Instructions: 36memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • HeapAlloc.KERNEL32(?,?,00000000,00007FF65175C1BA,?,?,?,00007FF651755DA1,?,?,?,?,00007FF65175B31A), ref: 00007FF65175FA7D
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: AllocHeap
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 4292702814-0
                                                                                                                                                                                                      • Opcode ID: 1fec90483929581ecf61e3aa8e6a4315ca1e17ba0cf65d59ce036437c1ee893b
                                                                                                                                                                                                      • Instruction ID: b81de1133a699b9e1de16642634287a65678f2fd48be1a104f09d140e54fca68
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1fec90483929581ecf61e3aa8e6a4315ca1e17ba0cf65d59ce036437c1ee893b
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 9EF09005F0970753FF5557AE98513B912905F8AB40F4D4430C91EE63CFDE7CE6814622
                                                                                                                                                                                                      Function 00007FF65175E48C Relevance: 1.3, APIs: 1, Instructions: 29memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • HeapAlloc.KERNEL32(?,?,?,00007FF651751A74,?,?,?,00007FF651752F86,?,?,?,?,?,00007FF651754579), ref: 00007FF65175E4CA
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: AllocHeap
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 4292702814-0
                                                                                                                                                                                                      • Opcode ID: efacbb839d677795a0d989681b51e67fb8ba832133a292f9e9a9629c8f364437
                                                                                                                                                                                                      • Instruction ID: eb3102185389ea7552129614af7010a805cf02fa4ae94ca86513eee9f0664e3b
                                                                                                                                                                                                      • Opcode Fuzzy Hash: efacbb839d677795a0d989681b51e67fb8ba832133a292f9e9a9629c8f364437
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 22F08201B0C20B43FFB416AA5945679A6804F44770F0E0730EE2EE52CBDE3CA4C08151

                                                                                                                                                                                                      Non-executed Functions

                                                                                                                                                                                                      Function 00007FF651745EC0 Relevance: 231.4, APIs: 86, Strings: 46, Instructions: 402libraryloaderCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745ED0
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745EE2
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745F19
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745F2B
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745F44
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745F56
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745F6F
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745F81
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745F9D
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745FAF
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745FCB
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745FDD
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745FF9
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF65174600B
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651746027
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651746039
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651746055
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651746067
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: AddressErrorLastProc
                                                                                                                                                                                                      • String ID: Failed to get address for %hs$GetProcAddress$LOADER: loaded functions from Python shared library.$PyConfig_Clear$PyConfig_InitIsolatedConfig$PyConfig_Read$PyConfig_SetBytesString$PyConfig_SetString$PyConfig_SetWideStringList$PyErr_Clear$PyErr_Fetch$PyErr_NormalizeException$PyErr_Occurred$PyErr_Print$PyErr_Restore$PyEval_EvalCode$PyImport_AddModule$PyImport_ExecCodeModule$PyImport_ImportModule$PyMarshal_ReadObjectFromString$PyMem_RawFree$PyModule_GetDict$PyObject_CallFunction$PyObject_CallFunctionObjArgs$PyObject_GetAttrString$PyObject_SetAttrString$PyObject_Str$PyPreConfig_InitIsolatedConfig$PyRun_SimpleStringFlags$PyStatus_Exception$PySys_GetObject$PySys_SetObject$PyUnicode_AsUTF8$PyUnicode_Decode$PyUnicode_DecodeFSDefault$PyUnicode_FromFormat$PyUnicode_FromString$PyUnicode_Join$PyUnicode_Replace$Py_DecRef$Py_DecodeLocale$Py_ExitStatusException$Py_Finalize$Py_InitializeFromConfig$Py_IsInitialized$Py_PreInitialize
                                                                                                                                                                                                      • API String ID: 199729137-601071275
                                                                                                                                                                                                      • Opcode ID: 35a2424159d95cda838a15e92be6153c2d82bf4dbcf708f46d94c0e0ebe6afee
                                                                                                                                                                                                      • Instruction ID: ac3d5e5911e02e28399095462d709c3bd8b491007d85099d190d0a0b1388d976
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 35a2424159d95cda838a15e92be6153c2d82bf4dbcf708f46d94c0e0ebe6afee
                                                                                                                                                                                                      • Instruction Fuzzy Hash: EA32A360D4DB0B92FB15DB9CAC1447433A0AF09785B5C5836D85EE626EFFBCB598C220
                                                                                                                                                                                                      Function 00007FF651764F3C Relevance: 24.0, APIs: 9, Strings: 4, Instructions: 1226COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo$memcpy_s$fegetenv
                                                                                                                                                                                                      • String ID: 1#IND$1#INF$1#QNAN$1#SNAN
                                                                                                                                                                                                      • API String ID: 808467561-2761157908
                                                                                                                                                                                                      • Opcode ID: bb6cec2ce46f007fa84a863b38da7ae069ced8f07d493ab880abb3cd0c34ba1e
                                                                                                                                                                                                      • Instruction ID: 0a9ec5c1b5c8c47d3e58a2b5dc762db84bf7e164828b986b69bc5bdc8e2b2d35
                                                                                                                                                                                                      • Opcode Fuzzy Hash: bb6cec2ce46f007fa84a863b38da7ae069ced8f07d493ab880abb3cd0c34ba1e
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 5EB2B472E1828A8BE7658F68D4407FD37A1FB54788F585135DA0DB7A8EDF38A900DB40
                                                                                                                                                                                                      Function 00007FF65174DFBC Relevance: 10.6, APIs: 7, Instructions: 71COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ExceptionFilterPresentUnhandled$CaptureContextDebuggerEntryFeatureFunctionLookupProcessorUnwindVirtual
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3140674995-0
                                                                                                                                                                                                      • Opcode ID: c3adc2d70a46416e0016ebc7a976b5d71081f12b88a2fc355b22615e51f13282
                                                                                                                                                                                                      • Instruction ID: 10743bfd02f783bba879a84b273c2c13b514d47fbe3fcfacf1b16222f08a2487
                                                                                                                                                                                                      • Opcode Fuzzy Hash: c3adc2d70a46416e0016ebc7a976b5d71081f12b88a2fc355b22615e51f13282
                                                                                                                                                                                                      • Instruction Fuzzy Hash: E6315272709B858AEB608F64E8807ED7360FB84704F08443ADA4D97B99DF7CD648C710
                                                                                                                                                                                                      Function 00007FF65175B4A4 Relevance: 9.1, APIs: 6, Instructions: 83COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ExceptionFilterUnhandled$CaptureContextDebuggerEntryFunctionLookupPresentUnwindVirtual
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 1239891234-0
                                                                                                                                                                                                      • Opcode ID: 4ae03e7b9a19b86c5d22b90a6790336bc10b9c87be4c5dc0ee32ae9123a7051c
                                                                                                                                                                                                      • Instruction ID: 0f0c595205b042ada564cf4067e642b8a3197363dc227a9a07a75815fb1eca30
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4ae03e7b9a19b86c5d22b90a6790336bc10b9c87be4c5dc0ee32ae9123a7051c
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 02316636618B858ADB60CF69E8802BE73A4FB89758F580135EE9D93B59DF3CD145C700
                                                                                                                                                                                                      Function 00007FF651762704 Relevance: 7.8, APIs: 5, Instructions: 282COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: FileFindFirst_invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2227656907-0
                                                                                                                                                                                                      • Opcode ID: 56078933747ed352146258ac770c45ef829588508b207fb94d730a4e633def5c
                                                                                                                                                                                                      • Instruction ID: c960f80b3379312cea58fe29fa19589c329e20415d5a2bb1753755ef005fe0f9
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 56078933747ed352146258ac770c45ef829588508b207fb94d730a4e633def5c
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4BB1C622B1869A41EBA19B29D8005BD7391EB84BE4F5C5132EE4DA7BCEDF7CE541C700
                                                                                                                                                                                                      Function 00007FF65174DEA0 Relevance: 6.0, APIs: 4, Instructions: 39timethreadCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2933794660-0
                                                                                                                                                                                                      • Opcode ID: 014d93effff5caf25bf47e118e036704a97445821d38eae0d866a55af4ca8f31
                                                                                                                                                                                                      • Instruction ID: e561106fadb05e700675d1b0dbfbba20de7cf25394edba92784c3834dd4dcf2e
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 014d93effff5caf25bf47e118e036704a97445821d38eae0d866a55af4ca8f31
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 86113C26B18F068AEB00CFA4E8542B933A4FB19758F480E31DE6D967A9DF78D555C340
                                                                                                                                                                                                      Function 00007FF651764AA0 Relevance: 4.8, APIs: 3, Instructions: 340COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: memcpy_s
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 1502251526-0
                                                                                                                                                                                                      • Opcode ID: 22262a879fceb6e909bc03be75e0457f7e58912db3df2272f4d30eb0691f5fc1
                                                                                                                                                                                                      • Instruction ID: 2a274e46495d2142d120d29186ca4be98767b3127198fd41c8f0c678d99b9467
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 22262a879fceb6e909bc03be75e0457f7e58912db3df2272f4d30eb0691f5fc1
                                                                                                                                                                                                      • Instruction Fuzzy Hash: AFC10772B1868A87D724CF59A0486AAB791F794784F489134DB4F93B89DF3DEC41CB00
                                                                                                                                                                                                      Function 00007FF65176A5B8 Relevance: 3.2, APIs: 2, Instructions: 227COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ExceptionRaise_clrfp
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 15204871-0
                                                                                                                                                                                                      • Opcode ID: d019c25e918e8e92d24de8e23e2662a4069d8e58d1c93dbbe0cc97e0405193a3
                                                                                                                                                                                                      • Instruction ID: f8a49e6bdf4faa416bc2dccf3fca92e7f3dc0ef8ac17d44a7434839c1b8bf609
                                                                                                                                                                                                      • Opcode Fuzzy Hash: d019c25e918e8e92d24de8e23e2662a4069d8e58d1c93dbbe0cc97e0405193a3
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 43B14C77A04B898BEB15CF2DC4463687BA0F784B48F298921DB5D977A9CF39D852C700
                                                                                                                                                                                                      Function 00007FF651754834 Relevance: 2.8, Strings: 2, Instructions: 350COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID: $
                                                                                                                                                                                                      • API String ID: 0-227171996
                                                                                                                                                                                                      • Opcode ID: 65d0721523e1f73f07876592c8e6447a47814920e946cdee30596d7aa7addfb0
                                                                                                                                                                                                      • Instruction ID: 235c472db51777632b6bebb61caa669c1ff87098c5f4af512403ffcdb62804e5
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 65d0721523e1f73f07876592c8e6447a47814920e946cdee30596d7aa7addfb0
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 25E1A036A0864683EB688F2D815113D23A0FF45B58F2E5235DA4FA779AEF39EC51C740
                                                                                                                                                                                                      Function 00007FF65175ED80 Relevance: 2.6, Strings: 2, Instructions: 144COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID: e+000$gfff
                                                                                                                                                                                                      • API String ID: 0-3030954782
                                                                                                                                                                                                      • Opcode ID: 945de9e2b5c03ccdf46f63211042ea6b364288e93c2147c7509922034c70fd0a
                                                                                                                                                                                                      • Instruction ID: 8a708178badc347228b5adbc9fa3421cf5cbf802d726973474a3284aa307bfb9
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 945de9e2b5c03ccdf46f63211042ea6b364288e93c2147c7509922034c70fd0a
                                                                                                                                                                                                      • Instruction Fuzzy Hash: E4515962B286C587F7748E399800769BB91E744B94F4D9231DBAC97ACACF3DE4848700
                                                                                                                                                                                                      Function 00007FF651761758 Relevance: 2.0, APIs: 1, Instructions: 461COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentFeaturePresentProcessProcessor
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 1010374628-0
                                                                                                                                                                                                      • Opcode ID: b9faf72c02f4ab809149f6f0dc22c62b6203f0e3796f906706b50ad290c1ba6d
                                                                                                                                                                                                      • Instruction ID: af24fd58d9dbe0fa34942196ed89c8f2d9ff7e4835898a5ead0d4142db9078c4
                                                                                                                                                                                                      • Opcode Fuzzy Hash: b9faf72c02f4ab809149f6f0dc22c62b6203f0e3796f906706b50ad290c1ba6d
                                                                                                                                                                                                      • Instruction Fuzzy Hash: E902CF21B0D64B52FF55AB2D94482792694AF82BA0F4E4A35ED6DF77DBDE3CE4018300
                                                                                                                                                                                                      Function 00007FF65175E8EC Relevance: 1.5, Strings: 1, Instructions: 254COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID: gfffffff
                                                                                                                                                                                                      • API String ID: 0-1523873471
                                                                                                                                                                                                      • Opcode ID: b208c905ad4c95024c0ac15b2f9fdf0f49dfc32ada8e77abea0211f680163fdf
                                                                                                                                                                                                      • Instruction ID: 2b4a9f7d78a9f70fe1833ce13ed1727ea3f7c7f742f2a13aee5221d1d8ab4c79
                                                                                                                                                                                                      • Opcode Fuzzy Hash: b208c905ad4c95024c0ac15b2f9fdf0f49dfc32ada8e77abea0211f680163fdf
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 40A12762A087C587EB31CF2DA4407B9BB91EB55B84F0A8131DE8D9778ADE3DE541C701
                                                                                                                                                                                                      Function 00007FF651759624 Relevance: 1.4, Strings: 1, Instructions: 177COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID: TMP
                                                                                                                                                                                                      • API String ID: 3215553584-3125297090
                                                                                                                                                                                                      • Opcode ID: 9d2587f0fc4c3c40d791fb14da4f637e13efb1bf2e5a17786d637bb14b1d3943
                                                                                                                                                                                                      • Instruction ID: 930dbad230f31df63b9dd4f5bce65e638de27577ff8d08cf690ed7d40d9c6a99
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 9d2587f0fc4c3c40d791fb14da4f637e13efb1bf2e5a17786d637bb14b1d3943
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 8651AD15F0864643FBA4AB2E990117A6291AF41BC4F5E4836DE0EE77DFEE3CF4068600
                                                                                                                                                                                                      Function 00007FF651764310 Relevance: 1.3, APIs: 1, Instructions: 7memoryCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: HeapProcess
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 54951025-0
                                                                                                                                                                                                      • Opcode ID: eb891346d8595627d305f32402cdda10bd89b807ac681878923887b418fd1009
                                                                                                                                                                                                      • Instruction ID: dab04790c3299807440cd4f00c2ccaca359d2faace340e3994a64eba3cdcbbce
                                                                                                                                                                                                      • Opcode Fuzzy Hash: eb891346d8595627d305f32402cdda10bd89b807ac681878923887b418fd1009
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 50B09220E0FA06C6EB482B596CC261422A46F4C710F9C0179C40DA0335DE2C20E55710
                                                                                                                                                                                                      Function 00007FF651754430 Relevance: .3, Instructions: 327COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                      • Opcode ID: 859bf5f10888be0ccd2bf49820f7fd1a93f4bc8ef89502b0b4bbd438d1cb9708
                                                                                                                                                                                                      • Instruction ID: 460627c691dd107e320037a9ae3f2d66d86f695f0ff4224338c3f3f08776f6a5
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 859bf5f10888be0ccd2bf49820f7fd1a93f4bc8ef89502b0b4bbd438d1cb9708
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 5AD1D962A0864287EB688F2D945427D27A0FB05B4CF2E4135CE0FA769EEF39DC55C340
                                                                                                                                                                                                      Function 00007FF65174A690 Relevance: .3, Instructions: 287COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                      • Opcode ID: b5c39ef717e235b20cee80fa4827773a7642da0f404bb47506256c4630f2e3f3
                                                                                                                                                                                                      • Instruction ID: ef6aed5ef4f4917b28e99d13003dd01587cc52edb118381d60cdd727c8130ca0
                                                                                                                                                                                                      • Opcode Fuzzy Hash: b5c39ef717e235b20cee80fa4827773a7642da0f404bb47506256c4630f2e3f3
                                                                                                                                                                                                      • Instruction Fuzzy Hash: C1C1E5722242E44BD38AEB29E4994BA33D5F79D349BC8501AEB8757786CF3CE024D710
                                                                                                                                                                                                      Function 00007FF651753AA0 Relevance: .2, Instructions: 241COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                      • Opcode ID: 31e0c23e94babd60fcd75af8259d5b7fdf169270b00a9d047947f6f4a1554448
                                                                                                                                                                                                      • Instruction ID: 25286bceb687a986e3ef23de326780b5a0e7f4dc4eb223d8850846a16e7d1d41
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 31e0c23e94babd60fcd75af8259d5b7fdf169270b00a9d047947f6f4a1554448
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 78B15E72908B8586E7658F3DE05063D3BB0E745F48F6A4235CA4EA73AACF39D491C744
                                                                                                                                                                                                      Function 00007FF65175F400 Relevance: .2, Instructions: 198COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                      • Opcode ID: 52436ecfcf31f5b829930d733cf55dadee13742346b35c7d96de44f62a1b2d00
                                                                                                                                                                                                      • Instruction ID: b7b295d351fb032aa6ae517bd912658bca034c105292071a9160ff70b8cd8ccf
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 52436ecfcf31f5b829930d733cf55dadee13742346b35c7d96de44f62a1b2d00
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 1881D372A0C78187EB74DF2DA44037A6A91FB45794F194239DAAD97B9ECF3DD4408B00
                                                                                                                                                                                                      Function 00007FF6517672A8 Relevance: .2, Instructions: 183COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3215553584-0
                                                                                                                                                                                                      • Opcode ID: ccff7444b48bfef2bf1c3415ebcc4f4983ae273efb44f2afd91496246c1fee6f
                                                                                                                                                                                                      • Instruction ID: 15475666aaed9d2414817c000212073c42a52738c9c649bc10d962dfb1ff347a
                                                                                                                                                                                                      • Opcode Fuzzy Hash: ccff7444b48bfef2bf1c3415ebcc4f4983ae273efb44f2afd91496246c1fee6f
                                                                                                                                                                                                      • Instruction Fuzzy Hash: E0612822F0C2C646F764A92D844963C6E81AF817E0F5D42B9DA2DE76CFDE7DE8008700
                                                                                                                                                                                                      Function 00007FF651752BE4 Relevance: .1, Instructions: 146COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                      • Opcode ID: 27099d1c67046ba5536a5c52bb1b19252402c8bb4a5167aa336477e7b6d5f807
                                                                                                                                                                                                      • Instruction ID: 58affc2c6222d175c8b42429e244aafeb1deddcd6046af3fefbd5dc7d211c179
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 27099d1c67046ba5536a5c52bb1b19252402c8bb4a5167aa336477e7b6d5f807
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 79517576A18A51C7E7648B2DC04423837A1EB55F58F2D4135CE4DA77AACF3AE893C780
                                                                                                                                                                                                      Function 00007FF6517527D4 Relevance: .1, Instructions: 146COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                      • Opcode ID: 68a3f5aab59b2fac328bd6ba34d5b1cd1fa94c6914f84dc4a79da3b9d8ff9a98
                                                                                                                                                                                                      • Instruction ID: e656227cf21d8e478be9ae1c121eecad2d7307231fc65aa11f21645c70f411db
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 68a3f5aab59b2fac328bd6ba34d5b1cd1fa94c6914f84dc4a79da3b9d8ff9a98
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4C516276A18651C7E7248B2DC04023837A0EB55B68F2E4135DE8DA77AECF3AE843C740
                                                                                                                                                                                                      Function 00007FF651752FF4 Relevance: .1, Instructions: 146COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                      • Opcode ID: 8e69dfdcc94a0aa650623f7423aa354004c1f2fa01d5c1268249020d4c21f447
                                                                                                                                                                                                      • Instruction ID: 4617a1ed30b86e19e149d1aef31df14e79ea795ae6a296bc93891f9cbc323d5d
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 8e69dfdcc94a0aa650623f7423aa354004c1f2fa01d5c1268249020d4c21f447
                                                                                                                                                                                                      • Instruction Fuzzy Hash: B1517236A18A5187E7248B2DE04463837A1EB45F58F2E4135CE4DA77BACF3AE853C740
                                                                                                                                                                                                      Function 00007FF6517529E0 Relevance: .1, Instructions: 145COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                      • Opcode ID: f6a3dccb135ddd09f63c505db29ff29986bf9dd63497299e7c799fac6b959aa4
                                                                                                                                                                                                      • Instruction ID: 4e79f521c50920a1473b669b94fd17f3d2a119f93374f978267fedcc722a807d
                                                                                                                                                                                                      • Opcode Fuzzy Hash: f6a3dccb135ddd09f63c505db29ff29986bf9dd63497299e7c799fac6b959aa4
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 9A514D36A18651C7E7348B2DC04022937A1EB55B58F2E5131CE4DA77AAEF3AE953C780
                                                                                                                                                                                                      Function 00007FF6517525D0 Relevance: .1, Instructions: 145COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                      • Opcode ID: db363646d287334b7a31293e9082935613ba5dde14aee32d187fc7345eaa1eeb
                                                                                                                                                                                                      • Instruction ID: d77f74b4c3fc1db81eebb6e7e1320c85d41c105a08efcd44d108ff0541c954f5
                                                                                                                                                                                                      • Opcode Fuzzy Hash: db363646d287334b7a31293e9082935613ba5dde14aee32d187fc7345eaa1eeb
                                                                                                                                                                                                      • Instruction Fuzzy Hash: E2517136A18651C7E7258B2DC05063837A1EB55B58F2E4131CE4DA7BAECF3AEC52C790
                                                                                                                                                                                                      Function 00007FF651752DF0 Relevance: .1, Instructions: 145COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                      • Opcode ID: e46230d8c0bb23a9b26f12389beaf27d8e9063d4bba2e4d98de2a57eaa924be5
                                                                                                                                                                                                      • Instruction ID: 16492f50e7be163957470e79fe6778be93e9e65e7dafb37e62c792e5ec958649
                                                                                                                                                                                                      • Opcode Fuzzy Hash: e46230d8c0bb23a9b26f12389beaf27d8e9063d4bba2e4d98de2a57eaa924be5
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 41515B36A18651C6E7648B2DE04463827A1EB49F58F2E4131DA4DA77EACF3AE843D740
                                                                                                                                                                                                      Function 00007FF651756BC0 Relevance: .1, Instructions: 138COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                      • Opcode ID: dde3b7cfbcf26fc8d7513faefc9a59c4b8821272907dfbb35b6db6355186da00
                                                                                                                                                                                                      • Instruction ID: a94a85e07a41ddf7c06b762ab9cac7fedb0c1f8dbdb335bca0b3e27958a61bc4
                                                                                                                                                                                                      • Opcode Fuzzy Hash: dde3b7cfbcf26fc8d7513faefc9a59c4b8821272907dfbb35b6db6355186da00
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 9641A592C0D74E06EFA5891C09106B42680EF32BA0D5E52B4FD99BB7DFDD2D79D6C208
                                                                                                                                                                                                      Function 00007FF65175AD30 Relevance: .1, Instructions: 126COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ErrorFreeHeapLast
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 485612231-0
                                                                                                                                                                                                      • Opcode ID: f0ae89a26dca149d182ce50b88a8921fc83ab3e8be20eff27c0f0bed46e3e6e7
                                                                                                                                                                                                      • Instruction ID: 27c1a12a42f6f6e7c0eb90dc5d5c6d31ae01488f82fdee9fda87aef89bf8c855
                                                                                                                                                                                                      • Opcode Fuzzy Hash: f0ae89a26dca149d182ce50b88a8921fc83ab3e8be20eff27c0f0bed46e3e6e7
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 5B41D162718A5582EF44CF2AD92416A63A2FB48FC0B599036DE0DE7B59DE3CD442C300
                                                                                                                                                                                                      Function 00007FF651758F74 Relevance: .1, Instructions: 98COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                      • Opcode ID: 2b8cddb4ee5dd57f1c7573491c8f445712dd312cb7e9e547cfd0f9c072f4c0c7
                                                                                                                                                                                                      • Instruction ID: cb5d680f7868ce1b9da7e124170290362f303470c111febbdd0790912b516809
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 2b8cddb4ee5dd57f1c7573491c8f445712dd312cb7e9e547cfd0f9c072f4c0c7
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4231B632B09B4242E7649F29644017E66D5AFC5BD0F1D4639EA4DA3BDBDF3CD4029704
                                                                                                                                                                                                      Function 00007FF65176A400 Relevance: .0, Instructions: 32COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                      • Opcode ID: cfe4e3fc2a54007026b549c751ef46841f82dc584412ffa4d6f624c6b18b4180
                                                                                                                                                                                                      • Instruction ID: 253b596b8949a2d584b211b0e80b34dde860289145100fcbc1fb46d8906c952f
                                                                                                                                                                                                      • Opcode Fuzzy Hash: cfe4e3fc2a54007026b549c751ef46841f82dc584412ffa4d6f624c6b18b4180
                                                                                                                                                                                                      • Instruction Fuzzy Hash: CDF0F6B1B182958BDBE5DF2CA8026693BD0F7083C0F94C079D68DD3B08CA3C80618F04
                                                                                                                                                                                                      Function 00007FF65174E19C Relevance: .0, Instructions: 2COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                      • Opcode ID: 33a079416ec4e5d2eadde58b7a575c5f38234538eab88a2afaf1a4ddf2683be1
                                                                                                                                                                                                      • Instruction ID: 6ffb21159206e123531eabf7850427bceb83492768921a646e3402ee6ae93430
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 33a079416ec4e5d2eadde58b7a575c5f38234538eab88a2afaf1a4ddf2683be1
                                                                                                                                                                                                      • Instruction Fuzzy Hash: CEA0023194EC86D8E784CB58E9514703330FB50310B480831D48DE10EADF7CA444C300
                                                                                                                                                                                                      Function 00007FF651748020 Relevance: 178.8, APIs: 66, Strings: 36, Instructions: 316libraryloaderCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: AddressErrorLastProc
                                                                                                                                                                                                      • String ID: Failed to get address for %hs$GetProcAddress$LOADER: loaded functions from Tcl/Tk shared libraries.$Tcl_Alloc$Tcl_ConditionFinalize$Tcl_ConditionNotify$Tcl_ConditionWait$Tcl_CreateInterp$Tcl_CreateObjCommand$Tcl_CreateThread$Tcl_DeleteInterp$Tcl_DoOneEvent$Tcl_EvalEx$Tcl_EvalFile$Tcl_EvalObjv$Tcl_Finalize$Tcl_FinalizeThread$Tcl_FindExecutable$Tcl_Free$Tcl_GetCurrentThread$Tcl_GetObjResult$Tcl_GetString$Tcl_GetVar2$Tcl_Init$Tcl_JoinThread$Tcl_MutexFinalize$Tcl_MutexLock$Tcl_MutexUnlock$Tcl_NewByteArrayObj$Tcl_NewStringObj$Tcl_SetVar2$Tcl_SetVar2Ex$Tcl_ThreadAlert$Tcl_ThreadQueueEvent$Tk_GetNumMainWindows$Tk_Init
                                                                                                                                                                                                      • API String ID: 199729137-248881121
                                                                                                                                                                                                      • Opcode ID: 420f2b746a1c513fc792d814bbe220d7f95c760625615bd87483818fc4daaa9a
                                                                                                                                                                                                      • Instruction ID: 925252d1ea982c37e9b115a6e32949ba0d864843aa0f83a4f72d5ca7d05c54f8
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 420f2b746a1c513fc792d814bbe220d7f95c760625615bd87483818fc4daaa9a
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 9002D660D4EB0F91FB49DB9CA82057433A0AF09784B9C5936C46EF226EEF7CB548C211
                                                                                                                                                                                                      Function 00007FF651748A70 Relevance: 40.4, APIs: 9, Strings: 14, Instructions: 106COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: LongWindow$BlockCreateErrorLastReasonShutdown
                                                                                                                                                                                                      • String ID: LOADER: TerminateProcess call failed (%d)$LOADER: child process has finished.$LOADER: child process not terminated!$LOADER: child process terminated!$LOADER: end of WM_ENDSESSION handler reached!$LOADER: failed to register shutdown block reason (%d)!$LOADER: handling session shutdown - giving the child %d ms to exit...$LOADER: hidden window received WM_ENDSESSION with logoff-option %X and end-session option %X$LOADER: hidden window received WM_QUERYENDSESSION with logoff-option %X$LOADER: performing cleanup...$LOADER: session shutdown has been canceled!$LOADER: session shutdown has been confirmed!$LOADER: terminating the child process...$Needs to remove its temporary files.
                                                                                                                                                                                                      • API String ID: 3975851968-1164846305
                                                                                                                                                                                                      • Opcode ID: dafbf9b262942d9f02d838948db2eff594198f89ed8f669f3292544c2e92c2c8
                                                                                                                                                                                                      • Instruction ID: 8667f090909f4d66e27e6c057b20233be252c49de67ddb3a4bf124c544972fab
                                                                                                                                                                                                      • Opcode Fuzzy Hash: dafbf9b262942d9f02d838948db2eff594198f89ed8f669f3292544c2e92c2c8
                                                                                                                                                                                                      • Instruction Fuzzy Hash: C0417B21E19A8681FB44AB6DF8500BD2754EF85B80F4C4132EA5EE33AFDE6CE945C350
                                                                                                                                                                                                      Function 00007FF651746C20 Relevance: 35.1, APIs: 2, Strings: 18, Instructions: 145COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentProcess
                                                                                                                                                                                                      • String ID: Failed to allocate PyConfig structure! Unsupported python version?$Failed to parse run-time options!$Failed to pre-initialize embedded python interpreter!$Failed to set module search paths!$Failed to set program name!$Failed to set python home path!$Failed to set run-time options!$Failed to set sys.argv!$Failed to start embedded python interpreter!$LOADER: applying run-time options...$LOADER: creating PyConfig structure...$LOADER: initializing interpreter configuration...$LOADER: pre-initializing embedded python interpreter...$LOADER: setting module search paths...$LOADER: setting program name...$LOADER: setting python home path...$LOADER: setting sys.argv...$LOADER: starting embedded python interpreter...
                                                                                                                                                                                                      • API String ID: 2050909247-1204188993
                                                                                                                                                                                                      • Opcode ID: 68cbbd6df7b1a815a915930ca660f865877b85124db43bde2bdf56054769497b
                                                                                                                                                                                                      • Instruction ID: 5fc45082f0d361485ba663dd972f071dc4ed5f73ac9e8f99fff33939cd6e3876
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 68cbbd6df7b1a815a915930ca660f865877b85124db43bde2bdf56054769497b
                                                                                                                                                                                                      • Instruction Fuzzy Hash: E7611B11A0C64791FB11EB6DE8511B96360BF94B80F4C0031EA8EE26AFEFACF585C754
                                                                                                                                                                                                      Function 00007FF651748C50 Relevance: 33.4, APIs: 6, Strings: 13, Instructions: 132COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                        • Part of subcall function 00007FF65174A220: MultiByteToWideChar.KERNEL32(?,?,?,00007FF651743CB6), ref: 00007FF65174A259
                                                                                                                                                                                                      • ExpandEnvironmentStringsW.KERNEL32(?,00007FF6517494A7,?,?,00000000,00007FF651744223), ref: 00007FF651748CAC
                                                                                                                                                                                                        • Part of subcall function 00007FF651742A60: GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF651743C41,?,00007FF651743CC2), ref: 00007FF651742AB0
                                                                                                                                                                                                        • Part of subcall function 00007FF651742A60: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF651743C41), ref: 00007FF651742B25
                                                                                                                                                                                                        • Part of subcall function 00007FF651742A60: MessageBoxW.USER32 ref: 00007FF651742B45
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ByteCharCurrentDebugEnvironmentExpandMessageMultiOutputProcessStringStringsWide
                                                                                                                                                                                                      • String ID: %.*s$CreateDirectory$LOADER: absolute runtime-tmpdir is %ls$LOADER: appending backslash to the given drive root %ls$LOADER: creating runtime-tmpdir path component: %ls$LOADER: creating runtime-tmpdir path: %ls$LOADER: expanded runtime-tmpdir is a drive root: %ls$LOADER: failed to convert runtime-tmpdir to a wide string.$LOADER: failed to create runtime-tmpdir path %ls!$LOADER: failed to expand environment variables in the runtime-tmpdir.$LOADER: failed to obtain the absolute path of the runtime-tmpdir.$LOADER: runtime-tmpdir points to non-existent drive %ls (type: %d)!$\
                                                                                                                                                                                                      • API String ID: 398162068-1319882304
                                                                                                                                                                                                      • Opcode ID: 61ffe2621177a02b66aa55e84bce2822bb7915e47f22fe32a0a84b71fce3f88c
                                                                                                                                                                                                      • Instruction ID: 6d6784d3d94519f4dcc651b1765760b24ba82482afbb3bdec8ea535f777724a5
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 61ffe2621177a02b66aa55e84bce2822bb7915e47f22fe32a0a84b71fce3f88c
                                                                                                                                                                                                      • Instruction Fuzzy Hash: E6518421B2D64781FB60EB6DE8512BA6251EF94780F4C5432E68EE269FEF7CE5448700
                                                                                                                                                                                                      Function 00007FF6517490B0 Relevance: 24.7, APIs: 6, Strings: 8, Instructions: 159COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetCurrentProcess.KERNEL32(?,00000000,?,?,00007FF651749FC1), ref: 00007FF6517490E2
                                                                                                                                                                                                      • K32EnumProcessModules.KERNEL32(?,?,00007FF651749FC1), ref: 00007FF651749139
                                                                                                                                                                                                        • Part of subcall function 00007FF65174A220: MultiByteToWideChar.KERNEL32(?,?,?,00007FF651743CB6), ref: 00007FF65174A259
                                                                                                                                                                                                      • K32GetModuleFileNameExW.KERNEL32(?,?,00007FF651749FC1), ref: 00007FF6517491E2
                                                                                                                                                                                                      • K32GetModuleFileNameExW.KERNEL32(?,?,00007FF651749FC1), ref: 00007FF651749281
                                                                                                                                                                                                        • Part of subcall function 00007FF651742880: GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF651743BC3,?,00007FF651743CC2), ref: 00007FF6517428CE
                                                                                                                                                                                                        • Part of subcall function 00007FF651742880: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF651743BC3,?,00007FF651743CC2), ref: 00007FF651742938
                                                                                                                                                                                                        • Part of subcall function 00007FF6517588CC: _invalid_parameter_noinfo.LIBCMT ref: 00007FF6517588E9
                                                                                                                                                                                                      • FreeLibrary.KERNEL32(?,?,00007FF651749FC1), ref: 00007FF6517492B4
                                                                                                                                                                                                      • FreeLibrary.KERNEL32(?,?,00007FF651749FC1), ref: 00007FF6517492DE
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Process$CurrentFileFreeLibraryModuleName$ByteCharDebugEnumModulesMultiOutputStringWide_invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID: LOADER: DLL unloaded after %d attempt(s)!$LOADER: could not resolve DLL's name (was it unloaded?) - skipping!$LOADER: could not resolve DLL's name - skipping!$LOADER: forcing unload of %ls (attempt #%d)$LOADER: found %d DLL(s) loaded from application's temporary directory!$LOADER: found %d loaded DLLs...$LOADER: giving up after %d attempts!$LOADER: loaded DLL: %ls
                                                                                                                                                                                                      • API String ID: 1205768147-1546440269
                                                                                                                                                                                                      • Opcode ID: ddb630d70a2f256c62ad8370a99e132fc67815a821f595523d97730c1418b1d6
                                                                                                                                                                                                      • Instruction ID: 16e722be908e4361e5efff425525de1f35b82a0c9889e0b39f31cb134080d756
                                                                                                                                                                                                      • Opcode Fuzzy Hash: ddb630d70a2f256c62ad8370a99e132fc67815a821f595523d97730c1418b1d6
                                                                                                                                                                                                      • Instruction Fuzzy Hash: C0616861B1D68282FB209B19E4402BA6354FF49784F4C5135EA8DE769FEE7CE505C740
                                                                                                                                                                                                      Function 00007FF6517421C0 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 120COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: MoveWindow$ObjectSelect$DrawReleaseText
                                                                                                                                                                                                      • String ID: P%
                                                                                                                                                                                                      • API String ID: 2147705588-2959514604
                                                                                                                                                                                                      • Opcode ID: 3500614061f5ceb163c3b7033a707fbd0e5c5059e6765f43b08d1a25968858d7
                                                                                                                                                                                                      • Instruction ID: aec2fc83917ab3110ab5652c791cfe80e63c0fbbdefc65bd3d45218d93d23d45
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 3500614061f5ceb163c3b7033a707fbd0e5c5059e6765f43b08d1a25968858d7
                                                                                                                                                                                                      • Instruction Fuzzy Hash: AB51F526618BA186D7249F36F4181BABBA1FB98B65F044121EFCF83699DF3CD045DB10
                                                                                                                                                                                                      Function 00007FF651757120 Relevance: 14.5, APIs: 3, Strings: 5, Instructions: 494COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID: -$:$f$p$p
                                                                                                                                                                                                      • API String ID: 3215553584-2013873522
                                                                                                                                                                                                      • Opcode ID: 05289c79a0973464c9e6def38ad17f96859a0f6bf6326b9c8ee99a6d91406060
                                                                                                                                                                                                      • Instruction ID: 25e8f3f1f715bd3515e284840686ef81464e0a5f2dc2fa2ba9fb4e73fcccb015
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 05289c79a0973464c9e6def38ad17f96859a0f6bf6326b9c8ee99a6d91406060
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 2212A162E0C18387FB647A1CE5C467A7692FB40754FDE4476E689A66CEDF3CE4808B10
                                                                                                                                                                                                      Function 00007FF651751E58 Relevance: 14.5, APIs: 3, Strings: 5, Instructions: 475COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID: f$f$p$p$f
                                                                                                                                                                                                      • API String ID: 3215553584-1325933183
                                                                                                                                                                                                      • Opcode ID: 36904858277830fb8bea51a287cdb11102976cd150a0ae475a72b14e7f9093e8
                                                                                                                                                                                                      • Instruction ID: e03a22934f9b66578a7229d416845f1f246baeef26b4221703f3cab2085e1a37
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 36904858277830fb8bea51a287cdb11102976cd150a0ae475a72b14e7f9093e8
                                                                                                                                                                                                      • Instruction Fuzzy Hash: A012B566E0C143C7FB249B18D0542BA76A2FB50754F9E4136E69AD66CEDF3CE881CB10
                                                                                                                                                                                                      Function 00007FF651741050 Relevance: 14.1, APIs: 1, Strings: 7, Instructions: 119COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentProcess
                                                                                                                                                                                                      • String ID: Failed to extract %s: failed to allocate data buffer (%u bytes)!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$fread$fseek$malloc
                                                                                                                                                                                                      • API String ID: 2050909247-3659356012
                                                                                                                                                                                                      • Opcode ID: eda16f087b1cd240f754496e81f1b050d3233cccc7c9f87eb7c00d22cff732f1
                                                                                                                                                                                                      • Instruction ID: eccef05cb275a4ead1fa45f12b49e86f1f2b07a4f071decce96c8f4a4f4da8ea
                                                                                                                                                                                                      • Opcode Fuzzy Hash: eda16f087b1cd240f754496e81f1b050d3233cccc7c9f87eb7c00d22cff732f1
                                                                                                                                                                                                      • Instruction Fuzzy Hash: E4419022B0869682EB10EB19A8446B96391FF44BD0F5C4832ED8DA779FDF7CF5458740
                                                                                                                                                                                                      Function 00007FF651741470 Relevance: 14.1, APIs: 1, Strings: 7, Instructions: 107COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentProcess
                                                                                                                                                                                                      • String ID: Failed to extract %s: failed to allocate data buffer (%u bytes)!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$fread$fseek$malloc
                                                                                                                                                                                                      • API String ID: 2050909247-3659356012
                                                                                                                                                                                                      • Opcode ID: 8b51c80db7a6afc4c1776c43494471b21352da2a29cc5c10828507d7a1fdfc8b
                                                                                                                                                                                                      • Instruction ID: 09bb1422f60590cbf3d626142f696e2ba6b9fd841e1ff06f68dae0271ebdf72a
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 8b51c80db7a6afc4c1776c43494471b21352da2a29cc5c10828507d7a1fdfc8b
                                                                                                                                                                                                      • Instruction Fuzzy Hash: F6419E22A0868686EB10EB29E4401F9B390EF44794F5C4932ED5DA7B9FDE7CF5428744
                                                                                                                                                                                                      Function 00007FF651742EC0 Relevance: 14.1, APIs: 4, Strings: 4, Instructions: 106windowCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetCurrentProcessId.KERNEL32(?,?,?,?,?,?,?,?,00007FF651743B96,?,00007FF651743CC2), ref: 00007FF651742F0E
                                                                                                                                                                                                      • FormatMessageW.KERNEL32(?,?,?,?,?,?,?,?,00007FF651743B96,?,00007FF651743CC2), ref: 00007FF651742FD3
                                                                                                                                                                                                      • OutputDebugStringW.KERNEL32(?,?,?,?,?,?,?,00007FF651743B96,?,00007FF651743CC2), ref: 00007FF651742FF4
                                                                                                                                                                                                      • MessageBoxW.USER32 ref: 00007FF651743014
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Message$CurrentDebugFormatOutputProcessString
                                                                                                                                                                                                      • String ID: %ls: $<FormatMessageW failed.>$Error$[PYI-%d:ERROR]
                                                                                                                                                                                                      • API String ID: 3610484179-251083826
                                                                                                                                                                                                      • Opcode ID: 828f12746ff879e1f0e842e6a95a12500ee58c826faa7b6d58959c677cb04922
                                                                                                                                                                                                      • Instruction ID: 9216c3ea97478531cf2d0555e0cf61b9dcb43277dc6e814f7e8900c59c74104f
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 828f12746ff879e1f0e842e6a95a12500ee58c826faa7b6d58959c677cb04922
                                                                                                                                                                                                      • Instruction Fuzzy Hash: BF41D722708A4142E720A729F8142BA7695BF887C8F450135EF8DE375EDF7CE606C700
                                                                                                                                                                                                      Function 00007FF651746A60 Relevance: 13.6, APIs: 1, Strings: 8, Instructions: 88COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentProcess
                                                                                                                                                                                                      • String ID: Failed to load Python DLL '%ls'.$LOADER: loading Python shared library: %s$LOADER: ucrtbase.dll found: %s$LoadLibrary$Path of Python shared library (%s) and its name (%s) exceed buffer size (%d)$Path of ucrtbase.dll (%s) and its name exceed buffer size (%d)$Reported length (%d) of Python shared library name (%s) exceeds buffer size (%d)$ucrtbase.dll
                                                                                                                                                                                                      • API String ID: 2050909247-523516585
                                                                                                                                                                                                      • Opcode ID: 59471425ae7d5fe46dbf556cf93238dd972887c47ff50432c0f91e41267730fa
                                                                                                                                                                                                      • Instruction ID: 86970b8c47339debfa7b7dd151718a31e45f94cbeb6b5b6fbf3400f460718a7b
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 59471425ae7d5fe46dbf556cf93238dd972887c47ff50432c0f91e41267730fa
                                                                                                                                                                                                      • Instruction Fuzzy Hash: D0418131A1CA8B91EB21DB68E4441E96351FF44384F980132E69DE369FEFBCE655C740
                                                                                                                                                                                                      Function 00007FF651749FA0 Relevance: 13.6, APIs: 1, Strings: 8, Instructions: 56sleepCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                        • Part of subcall function 00007FF651742880: GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF651743BC3,?,00007FF651743CC2), ref: 00007FF6517428CE
                                                                                                                                                                                                        • Part of subcall function 00007FF651742880: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF651743BC3,?,00007FF651743CC2), ref: 00007FF651742938
                                                                                                                                                                                                        • Part of subcall function 00007FF6517490B0: GetCurrentProcess.KERNEL32(?,00000000,?,?,00007FF651749FC1), ref: 00007FF6517490E2
                                                                                                                                                                                                        • Part of subcall function 00007FF6517490B0: K32EnumProcessModules.KERNEL32(?,?,00007FF651749FC1), ref: 00007FF651749139
                                                                                                                                                                                                        • Part of subcall function 00007FF6517490B0: K32GetModuleFileNameExW.KERNEL32(?,?,00007FF651749FC1), ref: 00007FF6517491E2
                                                                                                                                                                                                        • Part of subcall function 00007FF6517490B0: K32GetModuleFileNameExW.KERNEL32(?,?,00007FF651749FC1), ref: 00007FF651749281
                                                                                                                                                                                                      • Sleep.KERNEL32 ref: 00007FF65174A019
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Process$CurrentFileModuleName$DebugEnumModulesOutputSleepString
                                                                                                                                                                                                      • String ID: LOADER: given up after %d attempts!$LOADER: no bundled DLLs were unloaded from this process.$LOADER: removal failed!$LOADER: removal succeeded.$LOADER: trying to force-unload bundled DLLs from this process...$LOADER: trying to remove temporary directory (attempt %d / %d)...$LOADER: unloaded %d bundled DLL(s) from this process - trying to remove temporary directory again...$LOADER: waiting %d milliseconds before trying to remove temporary directory again...
                                                                                                                                                                                                      • API String ID: 3020383390-2558405752
                                                                                                                                                                                                      • Opcode ID: 964a36026dc0beb547190053f24f2bded4e5bf573c73c0107b4178e83fc0ee1c
                                                                                                                                                                                                      • Instruction ID: 4e7d33fe0bdbb38774bf6aa4f6d4b73c85245ea6ab25fce1d9ae03d5f1b71959
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 964a36026dc0beb547190053f24f2bded4e5bf573c73c0107b4178e83fc0ee1c
                                                                                                                                                                                                      • Instruction Fuzzy Hash: CE212C10F1C50381FB54AB6DE9921B91254EF84380F9C0132E99FE65EFEE6CE555C391
                                                                                                                                                                                                      Function 00007FF65174F898 Relevance: 12.6, APIs: 4, Strings: 3, Instructions: 310COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: BlockFrameHandler3::Unwind$CatchExecutionHandlerIs_bad_exception_allowedSearchStatestd::bad_alloc::bad_alloc
                                                                                                                                                                                                      • String ID: csm$csm$csm
                                                                                                                                                                                                      • API String ID: 849930591-393685449
                                                                                                                                                                                                      • Opcode ID: 55a0ec1e8237ffe27285874e05f24c8b912bd44a785cf4b88703c9377fcf81ea
                                                                                                                                                                                                      • Instruction ID: d607ffd03e50cbcc7f56cb0e43d5da0c709ab7b63a49e85b2749e838a9e3b9e3
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 55a0ec1e8237ffe27285874e05f24c8b912bd44a785cf4b88703c9377fcf81ea
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 5AD16D32A08B4186EB609F2D94413AD77A0FB45798F180136EE9DA7B9ACF7CE581C701
                                                                                                                                                                                                      Function 00007FF65174EB58 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 88libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • LoadLibraryExW.KERNEL32(?,?,?,00007FF65174EE0A,?,?,?,00007FF65174EAFC,?,?,?,00007FF65174E6F9), ref: 00007FF65174EBDD
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,?,?,00007FF65174EE0A,?,?,?,00007FF65174EAFC,?,?,?,00007FF65174E6F9), ref: 00007FF65174EBEB
                                                                                                                                                                                                      • LoadLibraryExW.KERNEL32(?,?,?,00007FF65174EE0A,?,?,?,00007FF65174EAFC,?,?,?,00007FF65174E6F9), ref: 00007FF65174EC15
                                                                                                                                                                                                      • FreeLibrary.KERNEL32(?,?,?,00007FF65174EE0A,?,?,?,00007FF65174EAFC,?,?,?,00007FF65174E6F9), ref: 00007FF65174EC83
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,?,?,00007FF65174EE0A,?,?,?,00007FF65174EAFC,?,?,?,00007FF65174E6F9), ref: 00007FF65174EC8F
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Library$Load$AddressErrorFreeLastProc
                                                                                                                                                                                                      • String ID: api-ms-
                                                                                                                                                                                                      • API String ID: 2559590344-2084034818
                                                                                                                                                                                                      • Opcode ID: 40a510cebb62c697958816eb18758dfdc694259234190da95a043a57b17deadc
                                                                                                                                                                                                      • Instruction ID: f24f808f50746d977473e9d021334cd424df8a4e9e26a513a4d65ee92faf4990
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 40a510cebb62c697958816eb18758dfdc694259234190da95a043a57b17deadc
                                                                                                                                                                                                      • Instruction Fuzzy Hash: CE31B421B1AA4681EF169B1AA80097523D4FF45BB4F1D0535DD9DA739AEF7CE484C308
                                                                                                                                                                                                      Function 00007FF651742A60 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 67windowCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentDebugMessageOutputProcessString
                                                                                                                                                                                                      • String ID: ERROR$Error$[PYI-%d:%ls]
                                                                                                                                                                                                      • API String ID: 4028877780-255084403
                                                                                                                                                                                                      • Opcode ID: 057562ccfe264771108c8c8da914ddfbe5ead419b3895ee0a190aa773fc013a9
                                                                                                                                                                                                      • Instruction ID: 406b5cbad5a0cbaaaa9e14d5990c218ed56c799880ee91b9e83b4888d9dad015
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 057562ccfe264771108c8c8da914ddfbe5ead419b3895ee0a190aa773fc013a9
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 72218032718B8192E710DB18F8847AA73A4FB887C4F440536EE8DA365ADF7CE215C700
                                                                                                                                                                                                      Function 00007FF651742DB0 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 67windowCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetCurrentProcessId.KERNEL32(?,00000000,00000000,?,00000000,00007FF651749F1F,?,00007FF6517441E6), ref: 00007FF651742E00
                                                                                                                                                                                                      • OutputDebugStringW.KERNEL32(?,00000000,00000000,?,00000000,00007FF651749F1F,?,00007FF6517441E6), ref: 00007FF651742E75
                                                                                                                                                                                                      • MessageBoxW.USER32 ref: 00007FF651742E95
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentDebugMessageOutputProcessString
                                                                                                                                                                                                      • String ID: WARNING$Warning$[PYI-%d:%ls]
                                                                                                                                                                                                      • API String ID: 4028877780-3797743490
                                                                                                                                                                                                      • Opcode ID: 7cdf951604488058f5d3dcf27530f518d110344762915852708cf9127e253198
                                                                                                                                                                                                      • Instruction ID: 9c635d9563b6435501bd95569747a542bff29117185fb0fc5336c0a359c60229
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 7cdf951604488058f5d3dcf27530f518d110344762915852708cf9127e253198
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 01218062718B8192E710DB28F8447AA73A4FB88784F440136EA8DA365ADF7CE215C740
                                                                                                                                                                                                      Function 00007FF651742CB0 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 64COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetCurrentProcessId.KERNEL32(00000000,?,?,?,00000000,00007FF6517437BA,?,?,00007FF651743991), ref: 00007FF651742D00
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentProcess
                                                                                                                                                                                                      • String ID: 0$WARNING$Warning$Warning [ANSI Fallback]$[PYI-%d:%s]
                                                                                                                                                                                                      • API String ID: 2050909247-2900015858
                                                                                                                                                                                                      • Opcode ID: 3d6eaed68e2c3f8c8e4f3815f915b522a3cc25865f8b93ebb079ac5f1820f5f2
                                                                                                                                                                                                      • Instruction ID: 2ee2b15749a79f68bee8093d3c35f688b7c43885c70576be0ed135311d890719
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 3d6eaed68e2c3f8c8e4f3815f915b522a3cc25865f8b93ebb079ac5f1820f5f2
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 0E217F7261878152E7209B54F8407E663A4FB887C4F440136FACDA365EDF7CE645C640
                                                                                                                                                                                                      Function 00007FF65175BFE0 Relevance: 10.6, APIs: 7, Instructions: 62COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Value$ErrorLast
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2506987500-0
                                                                                                                                                                                                      • Opcode ID: 0350259c4935290fc62fbad7f5c5933cfedd21cdbfd6efef0180ff97d41dade3
                                                                                                                                                                                                      • Instruction ID: e427d1638671e18d2e27b02e635709104c9e1f2583a1f8adc0d743f2e95d4335
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 0350259c4935290fc62fbad7f5c5933cfedd21cdbfd6efef0180ff97d41dade3
                                                                                                                                                                                                      • Instruction Fuzzy Hash: A7214C20B0D24243FB58672D9A4123961965F4ABA0F5E4B35E93EF7ADFDE3DB4428201
                                                                                                                                                                                                      Function 00007FF651768BFC Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48fileCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ConsoleWrite$CloseCreateErrorFileHandleLast
                                                                                                                                                                                                      • String ID: CONOUT$
                                                                                                                                                                                                      • API String ID: 3230265001-3130406586
                                                                                                                                                                                                      • Opcode ID: 5c6e57e550d3b47b38588f68e65aae1629f5c424c0371111055432e8af963ac1
                                                                                                                                                                                                      • Instruction ID: d84ce9699f457340637338bf6d95373668a0ff0498861eea7e119e120c737113
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 5c6e57e550d3b47b38588f68e65aae1629f5c424c0371111055432e8af963ac1
                                                                                                                                                                                                      • Instruction Fuzzy Hash: F011D021B18B4586E7508B5AE84433972A0FB88BE4F084734EA1ED77A9CF3CD844C740
                                                                                                                                                                                                      Function 00007FF65175C158 Relevance: 9.1, APIs: 6, Instructions: 57COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,?,?,00007FF651755DA1,?,?,?,?,00007FF65175B31A,?,?,?,?,00007FF65175801F), ref: 00007FF65175C167
                                                                                                                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF651755DA1,?,?,?,?,00007FF65175B31A,?,?,?,?,00007FF65175801F), ref: 00007FF65175C19D
                                                                                                                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF651755DA1,?,?,?,?,00007FF65175B31A,?,?,?,?,00007FF65175801F), ref: 00007FF65175C1CA
                                                                                                                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF651755DA1,?,?,?,?,00007FF65175B31A,?,?,?,?,00007FF65175801F), ref: 00007FF65175C1DB
                                                                                                                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF651755DA1,?,?,?,?,00007FF65175B31A,?,?,?,?,00007FF65175801F), ref: 00007FF65175C1EC
                                                                                                                                                                                                      • SetLastError.KERNEL32(?,?,?,00007FF651755DA1,?,?,?,?,00007FF65175B31A,?,?,?,?,00007FF65175801F), ref: 00007FF65175C207
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Value$ErrorLast
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2506987500-0
                                                                                                                                                                                                      • Opcode ID: 54a3be41825f2b6e5d4e465b306a2b2b89daf69649572617c07869cbaae029a5
                                                                                                                                                                                                      • Instruction ID: 7bc03798aea11bca08d2822da30f6171a188d926331b43c79a9a9787079d75a2
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 54a3be41825f2b6e5d4e465b306a2b2b89daf69649572617c07869cbaae029a5
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 16115E60B0D24243FB58672D9A4123922565F487B0F6E0B35E83EF7ADFDE3CB4428201
                                                                                                                                                                                                      Function 00007FF651742B70 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 86COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetCurrentProcessId.KERNEL32(?,?,?,?,?,00000000,00000000,00000000,00007FF651741BAA), ref: 00007FF651742BBE
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentProcess
                                                                                                                                                                                                      • String ID: %s: %s$Error$Error [ANSI Fallback]$[PYI-%d:ERROR]
                                                                                                                                                                                                      • API String ID: 2050909247-2962405886
                                                                                                                                                                                                      • Opcode ID: 827b3de59d6a9cd9b5b6f226d6c6d3f38a8bc1fc205c4ecf48a1d0be9f0d6c27
                                                                                                                                                                                                      • Instruction ID: 739a07afed4c7748529209b0a62fe6cc2721d62b7c241dbb2f6cbde35821b3d3
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 827b3de59d6a9cd9b5b6f226d6c6d3f38a8bc1fc205c4ecf48a1d0be9f0d6c27
                                                                                                                                                                                                      • Instruction Fuzzy Hash: E531E822B1868152E710AB69B8406E77695BF887D4F454132FE8DE379EEF7CE546C300
                                                                                                                                                                                                      Function 00007FF6517423D0 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 81windowCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DeleteDestroyDialogHandleIconIndirectModuleObjectParam
                                                                                                                                                                                                      • String ID: Unhandled exception in script
                                                                                                                                                                                                      • API String ID: 3081866767-2699770090
                                                                                                                                                                                                      • Opcode ID: 4c59a58307d4223683e05d5793ba2dbd03cd3b2903f81bc3d24a478537e0b4ba
                                                                                                                                                                                                      • Instruction ID: e23188b043cd35ae70fdf5923b82be0e49c2dfaddd8a4d096202cbef238b9ef2
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4c59a58307d4223683e05d5793ba2dbd03cd3b2903f81bc3d24a478537e0b4ba
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 02315076A09A8285EB20DF69E8552FA7360FF88788F480135EA4D9BB5EDF3CD145C700
                                                                                                                                                                                                      Function 00007FF651742960 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 64COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetCurrentProcessId.KERNEL32(?,?,00000000,00000000,00000000,00007FF651741BD9), ref: 00007FF6517429B0
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentProcess
                                                                                                                                                                                                      • String ID: ERROR$Error$Error [ANSI Fallback]$[PYI-%d:%s]
                                                                                                                                                                                                      • API String ID: 2050909247-1591803126
                                                                                                                                                                                                      • Opcode ID: a417ab35f6fe46d0b776499af19d02e31cce072a5c430b830393cf458dc1f191
                                                                                                                                                                                                      • Instruction ID: 6703d1ada71a611181d5a7e8775a7b16b31dee0dbaede51ff67ebe9e59babd9e
                                                                                                                                                                                                      • Opcode Fuzzy Hash: a417ab35f6fe46d0b776499af19d02e31cce072a5c430b830393cf458dc1f191
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 93217F3261878142E7209B58F8407E663A4FB887C4F440136FACDA365EDF7CE245C640
                                                                                                                                                                                                      Function 00007FF65175A918 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 27libraryloaderCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                                                                                                                      • String ID: CorExitProcess$mscoree.dll
                                                                                                                                                                                                      • API String ID: 4061214504-1276376045
                                                                                                                                                                                                      • Opcode ID: 0445041011577c357e717ecaae105294981f0374ecf8f27c16854f9c2d48fabb
                                                                                                                                                                                                      • Instruction ID: c4a3e942b456dba76c3d35c45920273c856ccaf49169f0f5ec9e3ed0ba4951ce
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 0445041011577c357e717ecaae105294981f0374ecf8f27c16854f9c2d48fabb
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 23F09665B09A0682FB148B28E4443796370FF457A5F590639D56DD61FDCF3CD444C740
                                                                                                                                                                                                      Function 00007FF65176A1F8 Relevance: 7.6, APIs: 5, Instructions: 56COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _set_statfp
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 1156100317-0
                                                                                                                                                                                                      • Opcode ID: 2530144b45b37c08dad10d77fcc83a40a954e87303b189ab66742d0fc2e2be8e
                                                                                                                                                                                                      • Instruction ID: 5466425dfeca14bd4ef3d80c74f59fe26c1d643f72b026448edd85a4500e1552
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 2530144b45b37c08dad10d77fcc83a40a954e87303b189ab66742d0fc2e2be8e
                                                                                                                                                                                                      • Instruction Fuzzy Hash: F811C162E8CE2B09F794116CE45237502406F98370E3D0A34F97EF72DF8E2DA8854110
                                                                                                                                                                                                      Function 00007FF65175C220 Relevance: 7.6, APIs: 5, Instructions: 54COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • FlsGetValue.KERNEL32(?,?,?,00007FF65175B433,?,?,00000000,00007FF65175B6CE,?,?,?,?,?,00007FF65175B65A), ref: 00007FF65175C23F
                                                                                                                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF65175B433,?,?,00000000,00007FF65175B6CE,?,?,?,?,?,00007FF65175B65A), ref: 00007FF65175C25E
                                                                                                                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF65175B433,?,?,00000000,00007FF65175B6CE,?,?,?,?,?,00007FF65175B65A), ref: 00007FF65175C286
                                                                                                                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF65175B433,?,?,00000000,00007FF65175B6CE,?,?,?,?,?,00007FF65175B65A), ref: 00007FF65175C297
                                                                                                                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF65175B433,?,?,00000000,00007FF65175B6CE,?,?,?,?,?,00007FF65175B65A), ref: 00007FF65175C2A8
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Value
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3702945584-0
                                                                                                                                                                                                      • Opcode ID: f41bf0f45c4732074ffa559bb21df9329038be0bb1437cd098e0ac50d9c853ac
                                                                                                                                                                                                      • Instruction ID: 70996b9902e08b9e475567f45880357111082f979dcc75c7b8adca7f4f28e24b
                                                                                                                                                                                                      • Opcode Fuzzy Hash: f41bf0f45c4732074ffa559bb21df9329038be0bb1437cd098e0ac50d9c853ac
                                                                                                                                                                                                      • Instruction Fuzzy Hash: D1117F20F0D24243FB58636D994123922855F487E0F5E4B34E93DF6ADFDE3CB4428201
                                                                                                                                                                                                      Function 00007FF65175C0B4 Relevance: 7.6, APIs: 5, Instructions: 50COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Value
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3702945584-0
                                                                                                                                                                                                      • Opcode ID: 64d798665633a15c947dcbb1d34d3a4c93b1eecd8a68fe2d332a70cb77312de4
                                                                                                                                                                                                      • Instruction ID: 2da1e3f7327c72f3578ff6268d25157dd5b3dc010c69114e558ea02b38c05851
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 64d798665633a15c947dcbb1d34d3a4c93b1eecd8a68fe2d332a70cb77312de4
                                                                                                                                                                                                      • Instruction Fuzzy Hash: ED111550E0E20743FBA8623D485267A21864F4A760E6E0B34D93EFA6DFDD3CB4429251
                                                                                                                                                                                                      Function 00007FF651760A58 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 219COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID: UTF-16LEUNICODE$UTF-8$ccs
                                                                                                                                                                                                      • API String ID: 3215553584-1196891531
                                                                                                                                                                                                      • Opcode ID: cbd0801a0664652a437363c2176815b6ad829e29b9166d36b62ee28efe49830f
                                                                                                                                                                                                      • Instruction ID: c619fd29e2ebac3a6765572a0daae206021653d53200ceef4fa981d40a00d8a5
                                                                                                                                                                                                      • Opcode Fuzzy Hash: cbd0801a0664652a437363c2176815b6ad829e29b9166d36b62ee28efe49830f
                                                                                                                                                                                                      • Instruction Fuzzy Hash: AB818A32E0830A85F7655F2D85502BC2EA0EB11B88F5D9435DA0EF769FDF2DE9419701
                                                                                                                                                                                                      Function 00007FF65174E4D8 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 154COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentImageNonwritableUnwind__except_validate_context_record
                                                                                                                                                                                                      • String ID: csm
                                                                                                                                                                                                      • API String ID: 2395640692-1018135373
                                                                                                                                                                                                      • Opcode ID: 6d06903a11e4eccf6ced7483e1ee2fbd0b2764b28c3e0d7fde6b90923ce0bdce
                                                                                                                                                                                                      • Instruction ID: d9f3fd0c6768261c8a7d6772c8076b595f38c3ee78c8e13e3ec49b436829592b
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 6d06903a11e4eccf6ced7483e1ee2fbd0b2764b28c3e0d7fde6b90923ce0bdce
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 5D51B332B196028ADB54CF19E444E787391FB44BA8F194131DA8E9778EEFBCE891C741
                                                                                                                                                                                                      Function 00007FF65174FD68 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 146COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CallEncodePointerTranslator
                                                                                                                                                                                                      • String ID: MOC$RCC
                                                                                                                                                                                                      • API String ID: 3544855599-2084237596
                                                                                                                                                                                                      • Opcode ID: 4be1b3a6162807ade533e9a562a8ba477cdc1b9b8f7b7f7e0e02e5968d613ed2
                                                                                                                                                                                                      • Instruction ID: 000156eaeeb5db4dfc62712024fa39a4b24a99eba889543250088a48199d8334
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4be1b3a6162807ade533e9a562a8ba477cdc1b9b8f7b7f7e0e02e5968d613ed2
                                                                                                                                                                                                      • Instruction Fuzzy Hash: BF615232908BC586D7709F19E4407AAB7A0FB85B94F084625EBDC57B9ADFBCD190CB40
                                                                                                                                                                                                      Function 00007FF651750118 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 146COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Frame$EmptyHandler3::StateUnwind__except_validate_context_record
                                                                                                                                                                                                      • String ID: csm$csm
                                                                                                                                                                                                      • API String ID: 3896166516-3733052814
                                                                                                                                                                                                      • Opcode ID: 43da3ea47f9807e60bb22aa6e51170387ab3b87be5e84f223723752f32086958
                                                                                                                                                                                                      • Instruction ID: 0c99357dfb266a8819d2ea985f144970fed7d0e32b0debc9d2d678cc202a7aa4
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 43da3ea47f9807e60bb22aa6e51170387ab3b87be5e84f223723752f32086958
                                                                                                                                                                                                      • Instruction Fuzzy Hash: BB517F329082828BEB748F29944436D7BA0EB55B94F5D413ADA9CE7B9BCF3CE451C701
                                                                                                                                                                                                      Function 00007FF65175D430 Relevance: 6.3, APIs: 4, Instructions: 299fileCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: FileWrite$ConsoleErrorLastOutput
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2718003287-0
                                                                                                                                                                                                      • Opcode ID: 66024a8efee63ca507785ae5bdcff78a5678cf43b823743de2dc90b43ef89417
                                                                                                                                                                                                      • Instruction ID: 95da1e855082c8f56ebeea63d2baa8276dafae0d5a33a4fdee341cf974801a72
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 66024a8efee63ca507785ae5bdcff78a5678cf43b823743de2dc90b43ef89417
                                                                                                                                                                                                      • Instruction Fuzzy Hash: BBD10276B08A818AE710CF79D4402AC37B1FB457D8B194236CE5EA7B9EDE39E546C300
                                                                                                                                                                                                      Function 00007FF651742100 Relevance: 6.1, APIs: 4, Instructions: 52COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: LongWindow$DialogInvalidateRect
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 1956198572-0
                                                                                                                                                                                                      • Opcode ID: 0d6a54b01a0c48151da7b8fe57f6b19d6aed648dbf882a6b24d0b939765cf479
                                                                                                                                                                                                      • Instruction ID: 51ffec2e069e4c5efd3b11f1be0ed45dce48b0c8bcff1d9e9fd2aa53c31bf8fb
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 0d6a54b01a0c48151da7b8fe57f6b19d6aed648dbf882a6b24d0b939765cf479
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 5E110825E0C14642FB549B6EF9446B92692EFC9780F8C8031DF8997B9FCD7CE8D54600
                                                                                                                                                                                                      Function 00007FF651742660 Relevance: 6.0, APIs: 4, Instructions: 44windowCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DebugMessageOutputString$ByteCharMultiWide
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2053247551-0
                                                                                                                                                                                                      • Opcode ID: 5017166035da83f72ec5c6f0ebe3249bdfa21e400b60e2840d32238a23ff38f5
                                                                                                                                                                                                      • Instruction ID: 81ef1cfc7e785493fe3f1e1bef3a9f91a9de90c3a420a78853cbd6f9dbf62270
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 5017166035da83f72ec5c6f0ebe3249bdfa21e400b60e2840d32238a23ff38f5
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 8F01C862B0878681EB309B19F8042A96721FF58BC4F480131DE8DA7B9FDF2CE509C700
                                                                                                                                                                                                      Function 00007FF6517669AC Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 121COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _get_daylight$_invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID: ?
                                                                                                                                                                                                      • API String ID: 1286766494-1684325040
                                                                                                                                                                                                      • Opcode ID: c1bdc2579b956790bb50de508ea3c9c66a422cfaa899ad11feabb2fbc1353bbb
                                                                                                                                                                                                      • Instruction ID: d695bd22da35e5754641c25c1d4d97d998b197b86ed933433606e195c6b49650
                                                                                                                                                                                                      • Opcode Fuzzy Hash: c1bdc2579b956790bb50de508ea3c9c66a422cfaa899ad11feabb2fbc1353bbb
                                                                                                                                                                                                      • Instruction Fuzzy Hash: A2412722A0838A46FB209B2AD44137D6A51EB80BA4F6C4235FE5D97ADFDF3CD541C704
                                                                                                                                                                                                      Function 00007FF651759EA4 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 111COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • _invalid_parameter_noinfo.LIBCMT ref: 00007FF651759ED6
                                                                                                                                                                                                        • Part of subcall function 00007FF65175B7D8: RtlFreeHeap.NTDLL(?,?,?,00007FF651763BB2,?,?,?,00007FF651763BEF,?,?,00000000,00007FF6517640B5,?,?,?,00007FF651763FE7), ref: 00007FF65175B7EE
                                                                                                                                                                                                        • Part of subcall function 00007FF65175B7D8: GetLastError.KERNEL32(?,?,?,00007FF651763BB2,?,?,?,00007FF651763BEF,?,?,00000000,00007FF6517640B5,?,?,?,00007FF651763FE7), ref: 00007FF65175B7F8
                                                                                                                                                                                                      • GetModuleFileNameW.KERNEL32(?,?,?,?,?,00007FF65174DA35), ref: 00007FF651759EF4
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ErrorFileFreeHeapLastModuleName_invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID: C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                      • API String ID: 3580290477-180557381
                                                                                                                                                                                                      • Opcode ID: d70d381c8e345d7a8140167bce06820baf7692cd245d0ed09c2ccdb5c07d0d09
                                                                                                                                                                                                      • Instruction ID: cbb58934324d53fe3eea70a5da31ba7662fc4622dba639f73d0e06d85f74ff97
                                                                                                                                                                                                      • Opcode Fuzzy Hash: d70d381c8e345d7a8140167bce06820baf7692cd245d0ed09c2ccdb5c07d0d09
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 3A416F36A08B1297EB54EF29D8800BD27D5EF457C4B5E4036E90DA7B8AEF3CE4818740
                                                                                                                                                                                                      Function 00007FF65175DAC8 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 100fileCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ErrorFileLastWrite
                                                                                                                                                                                                      • String ID: U
                                                                                                                                                                                                      • API String ID: 442123175-4171548499
                                                                                                                                                                                                      • Opcode ID: f9c316fb67ba2be537d208413cf1220e477e2a5b4c7a1811549ade85e5129248
                                                                                                                                                                                                      • Instruction ID: 09423772c9f1a9afb350fb9f0c07bf0012678e9603fe5f54268a0167537dcd40
                                                                                                                                                                                                      • Opcode Fuzzy Hash: f9c316fb67ba2be537d208413cf1220e477e2a5b4c7a1811549ade85e5129248
                                                                                                                                                                                                      • Instruction Fuzzy Hash: CF41D522B19A4586DB20CF29E4443A9B7A1FB987C4F494031EE8DD7799DF7CD541C740
                                                                                                                                                                                                      Function 00007FF651760448 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 66COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentDirectory
                                                                                                                                                                                                      • String ID: :
                                                                                                                                                                                                      • API String ID: 1611563598-336475711
                                                                                                                                                                                                      • Opcode ID: c9761c8d2488dc70686a31964be8ca4e7b45f0d449c8a260b92ec71f156616e0
                                                                                                                                                                                                      • Instruction ID: 93260058d1dfb026d79110059c624d3b985474abcf88693bd82f3aa5c92708eb
                                                                                                                                                                                                      • Opcode Fuzzy Hash: c9761c8d2488dc70686a31964be8ca4e7b45f0d449c8a260b92ec71f156616e0
                                                                                                                                                                                                      • Instruction Fuzzy Hash: B721E772B0868982EB209B19D44427D77B2FB84B84F994035DA8DA368BDF7CE945C740
                                                                                                                                                                                                      Function 00007FF651750BD8 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 44COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ExceptionFileHeaderRaise
                                                                                                                                                                                                      • String ID: csm
                                                                                                                                                                                                      • API String ID: 2573137834-1018135373
                                                                                                                                                                                                      • Opcode ID: f7ca8b4ebdc19bd2a8daca7b92626e44264ed40d37d4c7e07f6c53dbae7fecdd
                                                                                                                                                                                                      • Instruction ID: 9da490f9385100662b9dffe2ec42c7eedae94004345751c525cc789157e3e893
                                                                                                                                                                                                      • Opcode Fuzzy Hash: f7ca8b4ebdc19bd2a8daca7b92626e44264ed40d37d4c7e07f6c53dbae7fecdd
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 86116032618B8482EB218F19F4002697BE1FB88B84F5D4235DE8D57B59DF3CC551CB00
                                                                                                                                                                                                      Function 00007FF6517615CC Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 36COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000005.00000002.1697457022.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697419796.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697509024.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697561333.00007FF651786000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000005.00000002.1697659303.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_5_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DriveType_invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID: :
                                                                                                                                                                                                      • API String ID: 2595371189-336475711
                                                                                                                                                                                                      • Opcode ID: ea2191d5d0cf109ba06c2fb9ac991aec13a9c9b56c21ad2cfb2546a21836219d
                                                                                                                                                                                                      • Instruction ID: 52bf7f2bd8eb788dd680585216be884babca4e97e1e6ab64c48d3d14cbf165ef
                                                                                                                                                                                                      • Opcode Fuzzy Hash: ea2191d5d0cf109ba06c2fb9ac991aec13a9c9b56c21ad2cfb2546a21836219d
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 8201D666A1C20786FB20AF68D46527E33A0EF84745F8D0436D54DE269BDF3CE945CB14

                                                                                                                                                                                                      Executed Functions

                                                                                                                                                                                                      Function 00007FF651741000 Relevance: 119.6, APIs: 5, Strings: 63, Instructions: 555COMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                      control_flow_graph 408 7ff651741000-7ff651743cc4 call 7ff651750ca8 call 7ff651750cb0 call 7ff65174d6e0 call 7ff651756280 call 7ff651756314 call 7ff651742770 call 7ff651743b40 424 7ff651743cc6-7ff651743ccb 408->424 425 7ff651743cd0-7ff651743d05 call 7ff651742770 * 2 call 7ff651741950 408->425 426 7ff651744628-7ff651744642 call 7ff65174d3e0 424->426 435 7ff651743e2b-7ff651743e4c call 7ff651742770 call 7ff651744c50 425->435 436 7ff651743d0b-7ff651743d24 call 7ff651741cc0 425->436 445 7ff651743e4e-7ff651743e53 435->445 446 7ff651743e55-7ff651743e81 call 7ff6517488f0 435->446 440 7ff651743d29-7ff651743d99 call 7ff651742770 * 2 call 7ff651749640 436->440 459 7ff651743d9b-7ff651743d9e 440->459 460 7ff651743dc1-7ff651743dcf call 7ff651755dc0 440->460 450 7ff651743e90-7ff651743eb0 call 7ff651742770 call 7ff651742960 445->450 456 7ff651743eb5-7ff651743eda call 7ff651741cc0 446->456 457 7ff651743e83-7ff651743e8b call 7ff651750edc 446->457 470 7ff651744620 450->470 472 7ff651743ee0-7ff651743ee9 456->472 457->450 464 7ff651743da0-7ff651743da4 459->464 465 7ff651743db5-7ff651743dbc call 7ff6517497b0 459->465 476 7ff651743f79-7ff651743fa7 call 7ff651749750 call 7ff6517497b0 * 3 460->476 477 7ff651743dd5-7ff651743de7 call 7ff651749640 460->477 464->465 469 7ff651743da6-7ff651743db2 call 7ff651742770 464->469 465->460 469->465 470->426 472->472 475 7ff651743eeb-7ff651743f17 call 7ff651742770 call 7ff651741950 472->475 475->440 493 7ff651743f1d-7ff651743f34 call 7ff651742960 475->493 507 7ff651743fac-7ff651743fc3 call 7ff651749640 476->507 486 7ff651743ded-7ff651743e05 call 7ff651742770 477->486 487 7ff651743f65-7ff651743f74 call 7ff651742770 call 7ff651755dc0 477->487 498 7ff651743e10-7ff651743e16 486->498 487->476 493->470 503 7ff651743f39-7ff651743f3b 498->503 504 7ff651743e1c-7ff651743e21 498->504 506 7ff651743f3e-7ff651743f52 call 7ff651742770 503->506 504->498 505 7ff651743e23-7ff651743e26 504->505 505->506 510 7ff651743f57-7ff651743f61 call 7ff651755dc0 506->510 513 7ff651743fc9-7ff651743fcc 507->513 514 7ff6517440d5-7ff6517440e3 507->514 510->507 520 7ff651743f63 510->520 513->514 518 7ff651743fd2-7ff651743fd5 513->518 515 7ff6517440e9-7ff6517440ec 514->515 516 7ff651743fec 514->516 519 7ff651743ff0-7ff65174401d call 7ff651755dc0 call 7ff651742770 515->519 516->519 521 7ff651743fdb-7ff651743fdf 518->521 522 7ff6517440a1-7ff6517440a4 518->522 534 7ff651744038-7ff65174404d 519->534 535 7ff65174401f-7ff651744033 call 7ff651749750 519->535 520->476 521->522 523 7ff651743fe5 521->523 525 7ff6517440a6-7ff6517440aa 522->525 526 7ff6517440bc-7ff6517440d0 call 7ff651742960 522->526 523->516 525->526 528 7ff6517440ac-7ff6517440b7 525->528 533 7ff651744600-7ff651744618 526->533 528->519 533->470 537 7ff651744177-7ff651744189 call 7ff651749640 534->537 538 7ff651744053-7ff651744057 534->538 535->534 547 7ff6517441a8-7ff6517441b7 call 7ff651755dc0 537->547 548 7ff65174418b-7ff651744191 537->548 539 7ff65174405d-7ff651744075 call 7ff6517560e0 538->539 540 7ff65174415c-7ff651744171 call 7ff651741940 538->540 551 7ff651744077-7ff65174408f call 7ff6517560e0 539->551 552 7ff6517440f1-7ff651744109 call 7ff6517560e0 539->552 540->537 540->538 559 7ff6517441bd-7ff6517441c3 547->559 560 7ff6517442f4-7ff651744315 call 7ff651744b70 547->560 549 7ff65174419d-7ff6517441a2 548->549 550 7ff651744193-7ff65174419b 548->550 549->547 550->549 551->540 564 7ff651744095-7ff65174409c 551->564 561 7ff651744116-7ff65174412e call 7ff6517560e0 552->561 562 7ff65174410b-7ff65174410f 552->562 565 7ff6517441c9-7ff6517441f0 call 7ff651742770 * 2 call 7ff651749e70 559->565 566 7ff651744258-7ff651744273 call 7ff651742770 559->566 573 7ff651744317-7ff651744321 call 7ff651744cc0 560->573 574 7ff651744323-7ff651744334 call 7ff651741cc0 560->574 578 7ff65174413b-7ff651744153 call 7ff6517560e0 561->578 579 7ff651744130-7ff651744134 561->579 562->561 564->540 600 7ff651744208-7ff651744225 call 7ff651742770 call 7ff651749450 565->600 601 7ff6517441f2-7ff651744203 call 7ff651742960 565->601 572 7ff651744278-7ff65174428a call 7ff651749640 566->572 590 7ff65174428c-7ff65174428f 572->590 591 7ff6517442de-7ff6517442ef call 7ff651742960 572->591 582 7ff651744339-7ff651744356 call 7ff651742770 573->582 574->582 578->540 592 7ff651744155 578->592 579->578 597 7ff651744358-7ff65174435f 582->597 598 7ff6517443b5-7ff6517443cb call 7ff65174a220 582->598 590->591 596 7ff651744291-7ff6517442b4 call 7ff651741cc0 590->596 605 7ff6517445f8 591->605 592->540 613 7ff6517442b6-7ff6517442cf call 7ff651742960 call 7ff651755dc0 596->613 614 7ff6517442d4-7ff6517442dc call 7ff651755dc0 596->614 597->598 603 7ff651744361-7ff651744364 597->603 618 7ff6517443cd-7ff6517443de call 7ff651742960 598->618 619 7ff6517443e3-7ff65174440f call 7ff651742880 SetDllDirectoryW 598->619 632 7ff651744227-7ff651744238 call 7ff651742960 600->632 633 7ff65174423d-7ff651744253 call 7ff651742770 600->633 601->605 603->598 609 7ff651744366-7ff6517443a7 SetDllDirectoryW call 7ff651742880 LoadLibraryExW 603->609 605->533 630 7ff6517443a9 609->630 631 7ff6517443b0 call 7ff651742880 609->631 613->605 614->582 618->605 636 7ff65174441d-7ff65174442c call 7ff651749640 619->636 637 7ff651744411-7ff651744418 619->637 630->631 631->598 632->605 633->582 646 7ff65174442e-7ff651744434 636->646 647 7ff651744445-7ff65174444f call 7ff651755dc0 636->647 642 7ff6517444a7 call 7ff651742770 637->642 648 7ff6517444ac-7ff6517444b3 642->648 649 7ff651744436-7ff65174443e 646->649 650 7ff651744440-7ff651744442 646->650 660 7ff651744451-7ff65174446c call 7ff651742770 call 7ff651749750 647->660 661 7ff65174446e-7ff651744474 647->661 652 7ff6517444b9-7ff6517444c0 648->652 653 7ff65174458c-7ff651744593 648->653 649->650 650->647 652->653 654 7ff6517444c6-7ff6517444ce call 7ff651743970 652->654 655 7ff6517445b8-7ff6517445f1 call 7ff651743960 call 7ff6517435e0 call 7ff651743910 call 7ff6517477e0 call 7ff651747590 call 7ff651742770 653->655 656 7ff651744595-7ff6517445b2 PostMessageW GetMessageW 653->656 654->605 695 7ff6517445f6 655->695 656->655 660->648 663 7ff651744476-7ff651744491 call 7ff651742770 call 7ff651749750 661->663 664 7ff651744493-7ff65174449a 661->664 663->648 670 7ff65174449c-7ff65174449e 664->670 671 7ff6517444d3-7ff6517444d5 664->671 673 7ff6517444d7-7ff6517444ff call 7ff651742770 call 7ff6517475e0 call 7ff651747c80 670->673 674 7ff6517444a0 670->674 671->673 671->674 693 7ff65174450a-7ff65174451d call 7ff651742770 673->693 694 7ff651744501-7ff651744508 673->694 674->642 700 7ff65174451f-7ff651744538 call 7ff651742770 call 7ff651747620 693->700 701 7ff651744543-7ff65174454d call 7ff651747ab0 693->701 697 7ff651744572-7ff651744587 call 7ff651742cb0 call 7ff6517477e0 call 7ff651747590 694->697 695->605 697->648 700->701 716 7ff65174453a-7ff651744541 700->716 711 7ff651744558-7ff651744565 call 7ff651747e30 701->711 712 7ff65174454f-7ff651744556 701->712 711->648 718 7ff65174456b 711->718 712->697 716->697 718->697
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DebugErrorFileLastModuleNameOutputString
                                                                                                                                                                                                      • String ID: Could not create temporary directory!$Could not load PyInstaller's embedded PKG archive from the executable (%s)$Could not side-load PyInstaller's PKG archive from external file (%s)$Failed to convert DLL search path!$Failed to initialize security descriptor for temporary directory!$Failed to load Tcl/Tk shared libraries for splash screen!$Failed to load splash screen resources!$Failed to start splash screen!$Failed to unpack splash screen dependencies from PKG archive!$Invalid value in _PYI_PARENT_PROCESS_LEVEL: %s$LOADER: _PYI_ARCHIVE_FILE already defined: %s$LOADER: _PYI_ARCHIVE_FILE not defined...$LOADER: application has %s semantics...$LOADER: application's top-level directory: %s$LOADER: archive file: %s$LOADER: attempting to pre-load system copy of %ls...$LOADER: calling SetDllDirectory: %ls$LOADER: could not load system copy of %ls.$LOADER: created temporary directory: %s$LOADER: creating temporary directory (runtime_tmpdir=%s)...$LOADER: end of process reached!$LOADER: executable file: %s$LOADER: explicit environment reset enabled via environment variable!$LOADER: extracting splash screen dependencies...$LOADER: failed to open executable-embedded archive!$LOADER: initializing security descriptor for temporary directory...$LOADER: loading splash screen resources...$LOADER: process is not eligible for splash screen$LOADER: process level = %d$LOADER: setting up splash screen...$LOADER: side-load is disabled (code %d)!$LOADER: spawned subprocess - suppressing splash screen...$LOADER: splash screen is explicitly suppressed via environment variable!$LOADER: splash screen is unavailable.$LOADER: successfully loaded system copy of %ls.$LOADER: this is child process of onefile application (%s).$LOADER: this is parent process of onefile application.$LOADER: trying to load executable-embedded archive...$LOADER: trying to load external PKG archive (%s)...$LOADER: using different archive file than parent environment!$LOADER: using same archive file as parent environment!$MEI$PYINSTALLER_RESET_ENVIRONMENT$PYINSTALLER_STRICT_UNPACK_MODE$PYINSTALLER_SUPPRESS_SPLASH_SCREEN$Path exceeds PYI_PATH_MAX limit.$PyInstaller Bootloader 6.x$Py_GIL_DISABLED$VCRUNTIME140.dll$_PYI_APPLICATION_HOME_DIR$_PYI_APPLICATION_HOME_DIR not set for onefile child process!$_PYI_ARCHIVE_FILE$_PYI_PARENT_PROCESS_LEVEL$_PYI_SPLASH_IPC$main application process$onedir$onefile$pkg$pyi-contents-directory$pyi-disable-windowed-traceback$pyi-python-flag$pyi-runtime-tmpdir$spawned subprocess
                                                                                                                                                                                                      • API String ID: 3669267851-3110933790
                                                                                                                                                                                                      • Opcode ID: f61be5132bf5909054bae5e00efdbbeb5646229484dc15efeedf1bf7e0272f06
                                                                                                                                                                                                      • Instruction ID: 90d3d788176794cb2c3a1250f56848b586addcfc5371fad817d804978eb7b184
                                                                                                                                                                                                      • Opcode Fuzzy Hash: f61be5132bf5909054bae5e00efdbbeb5646229484dc15efeedf1bf7e0272f06
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 9C428C25A1C69691FB15EB2DD8541B96391AF54780F8C4032D9DEE32DFEFACEA18C340
                                                                                                                                                                                                      Function 00007FF8328B3A40 Relevance: 77.3, APIs: 32, Strings: 12, Instructions: 288stringmemorythreadCOMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                      control_flow_graph 719 7ff8328b3a40-7ff8328b3a68 720 7ff8328b3a6a-7ff8328b3a75 719->720 721 7ff8328b3a7c-7ff8328b3a8c 719->721 720->721 722 7ff8328b3a92-7ff8328b3aa0 call 7ff8328b1150 721->722 723 7ff8328b3bfe-7ff8328b3c12 PyUnicode_FromString 721->723 735 7ff8328b3aa2 722->735 736 7ff8328b3aa5-7ff8328b3ab7 _PyType_CalculateMetaclass 722->736 724 7ff8328b3d58-7ff8328b3d5b 723->724 725 7ff8328b3c18-7ff8328b3c2d PyType_GenericAlloc 723->725 727 7ff8328b3d6c-7ff8328b3d6f 724->727 728 7ff8328b3d5d-7ff8328b3d61 724->728 725->724 729 7ff8328b3c33-7ff8328b3c3c 725->729 733 7ff8328b3d80 727->733 734 7ff8328b3d71-7ff8328b3d75 727->734 728->727 731 7ff8328b3d63-7ff8328b3d66 _Py_Dealloc 728->731 732 7ff8328b3c40-7ff8328b3c91 729->732 731->727 732->732 737 7ff8328b3c93-7ff8328b3c96 732->737 739 7ff8328b3d82-7ff8328b3d9d 733->739 734->733 738 7ff8328b3d77-7ff8328b3d7a _Py_Dealloc 734->738 735->736 736->724 740 7ff8328b3abd-7ff8328b3ac4 736->740 741 7ff8328b3cb3-7ff8328b3cb6 737->741 742 7ff8328b3c98-7ff8328b3cad PyObject_SetAttrString 737->742 738->733 740->723 743 7ff8328b3aca-7ff8328b3ae0 PyObject_GetAttrString 740->743 745 7ff8328b3cc6-7ff8328b3cee PyType_Ready 741->745 746 7ff8328b3cb8-7ff8328b3cc3 741->746 742->741 744 7ff8328b3d49-7ff8328b3d4d 742->744 747 7ff8328b3ae2-7ff8328b3ae8 PyErr_Clear 743->747 748 7ff8328b3aed-7ff8328b3b02 PyUnicode_CompareWithASCIIString 743->748 744->724 749 7ff8328b3d4f-7ff8328b3d52 _Py_Dealloc 744->749 745->744 750 7ff8328b3cf0-7ff8328b3d0e PyObject_GetAttrString 745->750 746->745 751 7ff8328b3bda-7ff8328b3bf1 PyErr_SetString 747->751 752 7ff8328b3b04-7ff8328b3b19 strcmp 748->752 753 7ff8328b3b49-7ff8328b3b5b PyUnicode_CompareWithASCIIString 748->753 749->724 756 7ff8328b3da2 PyErr_Clear 750->756 757 7ff8328b3d14-7ff8328b3d23 PyObject_IsTrue 750->757 751->724 758 7ff8328b3b41-7ff8328b3b44 752->758 759 7ff8328b3b1b-7ff8328b3b2c strcmp 752->759 754 7ff8328b3b76-7ff8328b3b88 PyUnicode_CompareWithASCIIString 753->754 755 7ff8328b3b5d-7ff8328b3b6f call 7ff8328c4355 753->755 761 7ff8328b3bc6-7ff8328b3bca 754->761 763 7ff8328b3b8a-7ff8328b3b97 754->763 755->754 774 7ff8328b3b71-7ff8328b3b74 755->774 764 7ff8328b3da8-7ff8328b3dbd PyObject_SetAttrString 756->764 765 7ff8328b3d25-7ff8328b3d28 _Py_Dealloc 757->765 766 7ff8328b3d2e-7ff8328b3d30 757->766 758->761 759->758 760 7ff8328b3b2e-7ff8328b3b3f strcmp 759->760 760->753 760->758 769 7ff8328b3bd5-7ff8328b3bd8 761->769 770 7ff8328b3bcc-7ff8328b3bcf _Py_Dealloc 761->770 768 7ff8328b3ba0-7ff8328b3bb0 763->768 764->744 771 7ff8328b3dbf-7ff8328b3de7 PyThreadState_Get 764->771 765->766 772 7ff8328b3d32-7ff8328b3d43 PyErr_SetString 766->772 773 7ff8328b3d9e 766->773 775 7ff8328b3bb2-7ff8328b3bb6 768->775 776 7ff8328b3bb8-7ff8328b3bc3 768->776 769->751 780 7ff8328b3bf6 769->780 770->769 778 7ff8328b3de9-7ff8328b3df4 771->778 779 7ff8328b3e1e-7ff8328b3e34 _PyObject_MakeTpCall 771->779 772->744 773->744 777 7ff8328b3da0 773->777 774->761 775->768 775->776 776->761 777->764 778->779 782 7ff8328b3df6-7ff8328b3e1c _Py_CheckFunctionResult 778->782 781 7ff8328b3e3a-7ff8328b3e40 779->781 780->723 781->744 783 7ff8328b3e46-7ff8328b3e5d _PyObject_GetAttrId 781->783 782->781 785 7ff8328b3e68-7ff8328b3e6b 783->785 786 7ff8328b3e5f-7ff8328b3e62 _Py_Dealloc 783->786 785->744 787 7ff8328b3e71-7ff8328b3e89 PyObject_VectorcallDict 785->787 786->785 788 7ff8328b3e94-7ff8328b3e97 787->788 789 7ff8328b3e8b-7ff8328b3e8e _Py_Dealloc 787->789 788->744 790 7ff8328b3e9d-7ff8328b3ea1 788->790 789->788 791 7ff8328b3ea3-7ff8328b3ea6 _Py_Dealloc 790->791 792 7ff8328b3eac-7ff8328b3eaf 790->792 791->792 792->739
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685906558.00007FF8328B1000.00000020.00000001.01000000.00000012.sdmp, Offset: 00007FF8328B0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685870583.00007FF8328B0000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685947239.00007FF8328C5000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685983863.00007FF8328CB000.00000004.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1686019669.00007FF8328CF000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff8328b0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: String$DeallocObject_$Attr$Err_Unicode_$CompareType_Withstrcmp$Clear$AllocCalculateCallCheckDictFromFunctionGenericMakeMetaclassReadyResultState_ThreadTrueVectorcall
                                                                                                                                                                                                      • String ID: ABCMeta$GenericMeta$TypingMeta$_ProtocolMeta$__module__$__orig_bases__$__slots__$abc$mypyc classes can't have __slots__$mypyc classes can't have a metaclass$typing$typing_extensions
                                                                                                                                                                                                      • API String ID: 48637540-3015203947
                                                                                                                                                                                                      • Opcode ID: 890aff36bcf2a83953149b8612a68dbc598af377f9ca5a0e2141a9954acb5116
                                                                                                                                                                                                      • Instruction ID: bd500946c73f443f532d5cf37d1eb16b2ea0404a3db8e5b48612a3f32d096fa1
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 890aff36bcf2a83953149b8612a68dbc598af377f9ca5a0e2141a9954acb5116
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 6BD15D21B0AB5685EE50AB26ED142F9A3A0BF45BC4F489039DE4D27674EFFCF445A300
                                                                                                                                                                                                      Function 00007FF6517677F4 Relevance: 13.8, APIs: 9, Instructions: 276fileCOMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                      control_flow_graph 1211 7ff6517677f4-7ff651767867 call 7ff651767528 1214 7ff651767869-7ff651767872 call 7ff651755d78 1211->1214 1215 7ff651767881-7ff65176788b call 7ff6517593b0 1211->1215 1220 7ff651767875-7ff65176787c call 7ff651755d98 1214->1220 1221 7ff65176788d-7ff6517678a4 call 7ff651755d78 call 7ff651755d98 1215->1221 1222 7ff6517678a6-7ff65176790f CreateFileW 1215->1222 1238 7ff651767bc2-7ff651767be2 1220->1238 1221->1220 1223 7ff65176798c-7ff651767997 GetFileType 1222->1223 1224 7ff651767911-7ff651767917 1222->1224 1231 7ff6517679ea-7ff6517679f1 1223->1231 1232 7ff651767999-7ff6517679d4 GetLastError call 7ff651755d0c CloseHandle 1223->1232 1228 7ff651767959-7ff651767987 GetLastError call 7ff651755d0c 1224->1228 1229 7ff651767919-7ff65176791d 1224->1229 1228->1220 1229->1228 1236 7ff65176791f-7ff651767957 CreateFileW 1229->1236 1234 7ff6517679f9-7ff6517679fc 1231->1234 1235 7ff6517679f3-7ff6517679f7 1231->1235 1232->1220 1246 7ff6517679da-7ff6517679e5 call 7ff651755d98 1232->1246 1241 7ff651767a02-7ff651767a57 call 7ff6517592c8 1234->1241 1242 7ff6517679fe 1234->1242 1235->1241 1236->1223 1236->1228 1250 7ff651767a76-7ff651767aa7 call 7ff6517672a8 1241->1250 1251 7ff651767a59-7ff651767a65 call 7ff651767730 1241->1251 1242->1241 1246->1220 1256 7ff651767aad-7ff651767aef 1250->1256 1257 7ff651767aa9-7ff651767aab 1250->1257 1251->1250 1258 7ff651767a67 1251->1258 1260 7ff651767b11-7ff651767b1c 1256->1260 1261 7ff651767af1-7ff651767af5 1256->1261 1259 7ff651767a69-7ff651767a71 call 7ff65175b950 1257->1259 1258->1259 1259->1238 1263 7ff651767b22-7ff651767b26 1260->1263 1264 7ff651767bc0 1260->1264 1261->1260 1262 7ff651767af7-7ff651767b0c 1261->1262 1262->1260 1263->1264 1266 7ff651767b2c-7ff651767b71 CloseHandle CreateFileW 1263->1266 1264->1238 1268 7ff651767ba6-7ff651767bbb 1266->1268 1269 7ff651767b73-7ff651767ba1 GetLastError call 7ff651755d0c call 7ff6517594f0 1266->1269 1268->1264 1269->1268
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: File$CreateErrorLast_invalid_parameter_noinfo$CloseHandle$Type
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 1617910340-0
                                                                                                                                                                                                      • Opcode ID: 1d9ed3d4efa89bdc1dc95a4a467970b21b1bc653c22a6d7fb70e9ddd5adb907c
                                                                                                                                                                                                      • Instruction ID: b71c38e35efe199d3533e2a401d8461857798e8137fb5c3646cb874759583774
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1d9ed3d4efa89bdc1dc95a4a467970b21b1bc653c22a6d7fb70e9ddd5adb907c
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4BC1B233B24A4686EB10DFA9C4906AC3771FB49B98B095235DF1EA779ADF38D551C300
                                                                                                                                                                                                      Function 00007FF65174A110 Relevance: 3.0, APIs: 2, Instructions: 29COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Find$CloseFileFirst
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2295610775-0
                                                                                                                                                                                                      • Opcode ID: b115aaa5e8937644bfb662755a1459c59560f1bb963ed3fb365ba1dcea5c7f5a
                                                                                                                                                                                                      • Instruction ID: 3d1769bc36c18fdc691beec13cc004d2a500cbf1887d972a2311f302d3b5f123
                                                                                                                                                                                                      • Opcode Fuzzy Hash: b115aaa5e8937644bfb662755a1459c59560f1bb963ed3fb365ba1dcea5c7f5a
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 36F0C826A19642C7F7608B68F48836673A0EB44364F081335DABE92AE9CF7CD449CA00
                                                                                                                                                                                                      Function 00007FF651745EC0 Relevance: 231.4, APIs: 86, Strings: 46, Instructions: 402libraryloaderCOMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                      control_flow_graph 0 7ff651745ec0-7ff651745ee0 GetProcAddress 1 7ff651745f0f-7ff651745f29 GetProcAddress 0->1 2 7ff651745ee2-7ff651745ee8 GetLastError 0->2 4 7ff651745f2b-7ff651745f38 GetLastError 1->4 5 7ff651745f3a-7ff651745f54 GetProcAddress 1->5 3 7ff651745eef-7ff651745f0e call 7ff651742ec0 2->3 4->3 7 7ff651745f56-7ff651745f63 GetLastError 5->7 8 7ff651745f65-7ff651745f7f GetProcAddress 5->8 7->3 9 7ff651745f81-7ff651745f8e GetLastError 8->9 10 7ff651745f93-7ff651745fad GetProcAddress 8->10 9->3 12 7ff651745fc1-7ff651745fdb GetProcAddress 10->12 13 7ff651745faf-7ff651745fbc GetLastError 10->13 14 7ff651745fdd-7ff651745fea GetLastError 12->14 15 7ff651745fef-7ff651746009 GetProcAddress 12->15 13->3 14->3 16 7ff65174601d-7ff651746037 GetProcAddress 15->16 17 7ff65174600b-7ff651746011 GetLastError 15->17 18 7ff651746039-7ff65174603f GetLastError 16->18 19 7ff65174604b-7ff651746065 GetProcAddress 16->19 17->16 18->19 20 7ff651746079-7ff651746093 GetProcAddress 19->20 21 7ff651746067-7ff65174606d GetLastError 19->21 22 7ff6517460a7-7ff6517460c1 GetProcAddress 20->22 23 7ff651746095-7ff65174609b GetLastError 20->23 21->20 24 7ff6517460d5-7ff6517460ef GetProcAddress 22->24 25 7ff6517460c3-7ff6517460c9 GetLastError 22->25 23->22 26 7ff6517460f1-7ff6517460f7 GetLastError 24->26 27 7ff651746103-7ff65174611d GetProcAddress 24->27 25->24 26->27 28 7ff651746131-7ff65174614b GetProcAddress 27->28 29 7ff65174611f-7ff651746125 GetLastError 27->29 30 7ff65174614d-7ff651746153 GetLastError 28->30 31 7ff65174615f-7ff651746179 GetProcAddress 28->31 29->28 30->31 32 7ff65174618d-7ff6517461a7 GetProcAddress 31->32 33 7ff65174617b-7ff651746181 GetLastError 31->33 34 7ff6517461a9-7ff6517461af GetLastError 32->34 35 7ff6517461bb-7ff6517461d5 GetProcAddress 32->35 33->32 34->35 36 7ff6517461e9-7ff651746203 GetProcAddress 35->36 37 7ff6517461d7-7ff6517461dd GetLastError 35->37 38 7ff651746217-7ff651746231 GetProcAddress 36->38 39 7ff651746205-7ff65174620b GetLastError 36->39 37->36 40 7ff651746245-7ff65174625f GetProcAddress 38->40 41 7ff651746233-7ff651746239 GetLastError 38->41 39->38 42 7ff651746261-7ff651746267 GetLastError 40->42 43 7ff651746273-7ff65174628d GetProcAddress 40->43 41->40 42->43 44 7ff6517462a1-7ff6517462bb GetProcAddress 43->44 45 7ff65174628f-7ff651746295 GetLastError 43->45 46 7ff6517462bd-7ff6517462c3 GetLastError 44->46 47 7ff6517462cf-7ff6517462e9 GetProcAddress 44->47 45->44 46->47 48 7ff6517462fd-7ff651746317 GetProcAddress 47->48 49 7ff6517462eb-7ff6517462f1 GetLastError 47->49 50 7ff651746319-7ff65174631f GetLastError 48->50 51 7ff65174632b-7ff651746345 GetProcAddress 48->51 49->48 50->51 52 7ff651746359-7ff651746373 GetProcAddress 51->52 53 7ff651746347-7ff65174634d GetLastError 51->53 54 7ff651746387-7ff6517463a1 GetProcAddress 52->54 55 7ff651746375-7ff65174637b GetLastError 52->55 53->52 56 7ff6517463b5-7ff6517463cf GetProcAddress 54->56 57 7ff6517463a3-7ff6517463a9 GetLastError 54->57 55->54 58 7ff6517463d1-7ff6517463d7 GetLastError 56->58 59 7ff6517463e3-7ff6517463fd GetProcAddress 56->59 57->56 58->59 60 7ff651746411-7ff65174642b GetProcAddress 59->60 61 7ff6517463ff-7ff651746405 GetLastError 59->61 62 7ff65174642d-7ff651746433 GetLastError 60->62 63 7ff65174643f-7ff651746459 GetProcAddress 60->63 61->60 62->63 64 7ff65174646d-7ff651746487 GetProcAddress 63->64 65 7ff65174645b-7ff651746461 GetLastError 63->65 66 7ff651746489-7ff65174648f GetLastError 64->66 67 7ff65174649b-7ff6517464b5 GetProcAddress 64->67 65->64 66->67 68 7ff6517464c9-7ff6517464e3 GetProcAddress 67->68 69 7ff6517464b7-7ff6517464bd GetLastError 67->69 70 7ff6517464f7-7ff651746511 GetProcAddress 68->70 71 7ff6517464e5-7ff6517464eb GetLastError 68->71 69->68 72 7ff651746525-7ff65174653f GetProcAddress 70->72 73 7ff651746513-7ff651746519 GetLastError 70->73 71->70 74 7ff651746541-7ff651746547 GetLastError 72->74 75 7ff651746553-7ff65174656d GetProcAddress 72->75 73->72 74->75 76 7ff651746581-7ff65174659b GetProcAddress 75->76 77 7ff65174656f-7ff651746575 GetLastError 75->77 78 7ff65174659d-7ff6517465a3 GetLastError 76->78 79 7ff6517465af-7ff6517465c9 GetProcAddress 76->79 77->76 78->79 80 7ff6517465dd-7ff6517465f7 GetProcAddress 79->80 81 7ff6517465cb-7ff6517465d1 GetLastError 79->81 82 7ff6517465f9-7ff6517465ff GetLastError 80->82 83 7ff65174660b-7ff651746625 GetProcAddress 80->83 81->80 82->83 84 7ff651746639-7ff651746653 GetProcAddress 83->84 85 7ff651746627-7ff65174662d GetLastError 83->85 86 7ff651746667-7ff651746681 GetProcAddress 84->86 87 7ff651746655-7ff65174665b GetLastError 84->87 85->84 88 7ff651746695-7ff65174669c call 7ff651742770 86->88 89 7ff651746683-7ff651746689 GetLastError 86->89 87->86 91 7ff6517466a1-7ff6517466a8 88->91 89->88
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745ED0
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745EE2
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745F19
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745F2B
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745F44
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745F56
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745F6F
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745F81
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745F9D
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745FAF
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745FCB
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745FDD
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651745FF9
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF65174600B
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651746027
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651746039
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651746055
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,00007FF651746BF4,?,00007FF6517435EE), ref: 00007FF651746067
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: AddressErrorLastProc
                                                                                                                                                                                                      • String ID: Failed to get address for %hs$GetProcAddress$LOADER: loaded functions from Python shared library.$PyConfig_Clear$PyConfig_InitIsolatedConfig$PyConfig_Read$PyConfig_SetBytesString$PyConfig_SetString$PyConfig_SetWideStringList$PyErr_Clear$PyErr_Fetch$PyErr_NormalizeException$PyErr_Occurred$PyErr_Print$PyErr_Restore$PyEval_EvalCode$PyImport_AddModule$PyImport_ExecCodeModule$PyImport_ImportModule$PyMarshal_ReadObjectFromString$PyMem_RawFree$PyModule_GetDict$PyObject_CallFunction$PyObject_CallFunctionObjArgs$PyObject_GetAttrString$PyObject_SetAttrString$PyObject_Str$PyPreConfig_InitIsolatedConfig$PyRun_SimpleStringFlags$PyStatus_Exception$PySys_GetObject$PySys_SetObject$PyUnicode_AsUTF8$PyUnicode_Decode$PyUnicode_DecodeFSDefault$PyUnicode_FromFormat$PyUnicode_FromString$PyUnicode_Join$PyUnicode_Replace$Py_DecRef$Py_DecodeLocale$Py_ExitStatusException$Py_Finalize$Py_InitializeFromConfig$Py_IsInitialized$Py_PreInitialize
                                                                                                                                                                                                      • API String ID: 199729137-601071275
                                                                                                                                                                                                      • Opcode ID: 5afcfaf31c53aed0985ec3063d6f21463434516456f7f13f0d8a50b3cca6b037
                                                                                                                                                                                                      • Instruction ID: ac3d5e5911e02e28399095462d709c3bd8b491007d85099d190d0a0b1388d976
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 5afcfaf31c53aed0985ec3063d6f21463434516456f7f13f0d8a50b3cca6b037
                                                                                                                                                                                                      • Instruction Fuzzy Hash: EA32A360D4DB0B92FB15DB9CAC1447433A0AF09785B5C5836D85EE626EFFBCB598C220
                                                                                                                                                                                                      Function 00007FF8328C1FF0 Relevance: 172.6, APIs: 97, Strings: 1, Instructions: 1123COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • PyImport_Import.PYTHON310(?,?,?,?,?,?,?,?,?,00000000,?,?,00000000,00007FF8328B8E09), ref: 00007FF8328C2012
                                                                                                                                                                                                      • _Py_Dealloc.PYTHON310(?,?,?,?,?,?,?,?,?,00000000,?,?,00000000,00007FF8328B8E09), ref: 00007FF8328C203D
                                                                                                                                                                                                      • _Py_Dealloc.PYTHON310(?,?,?,?,?,?,?,?,?,00000000,?,?,00000000,00007FF8328B8E09), ref: 00007FF8328C2085
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685906558.00007FF8328B1000.00000020.00000001.01000000.00000012.sdmp, Offset: 00007FF8328B0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685870583.00007FF8328B0000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685947239.00007FF8328C5000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685983863.00007FF8328CB000.00000004.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1686019669.00007FF8328CF000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff8328b0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Dealloc$ImportImport_
                                                                                                                                                                                                      • String ID: <module>
                                                                                                                                                                                                      • API String ID: 2397823689-217463007
                                                                                                                                                                                                      • Opcode ID: 0c7a688c6fca0ab83a2187883d2c9beec5959766b679c9dbc50475957b89f669
                                                                                                                                                                                                      • Instruction ID: 0ddd17aa9f1b5f7a69e82f94107a8c48665cbfcefa4ea998e16395a541eb81c0
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 0c7a688c6fca0ab83a2187883d2c9beec5959766b679c9dbc50475957b89f669
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 75C21575F0AB2B81FA159B25EC801F9A3A0BF49BD5F444439C90D177B4EFBCA455A380
                                                                                                                                                                                                      Function 00007FF651746C20 Relevance: 35.1, APIs: 2, Strings: 18, Instructions: 145COMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                      control_flow_graph 793 7ff651746c20-7ff651746c49 call 7ff651745a90 796 7ff651746c5c-7ff651746c72 call 7ff651742770 call 7ff651745320 793->796 797 7ff651746c4b-7ff651746c57 call 7ff651742960 793->797 806 7ff651746c85-7ff651746c9f call 7ff651742770 call 7ff651745230 796->806 807 7ff651746c74-7ff651746c80 call 7ff651742960 796->807 802 7ff651746e7c-7ff651746ea5 call 7ff6517452f0 call 7ff6517459f0 797->802 817 7ff651746ca1-7ff651746cad call 7ff651742960 806->817 818 7ff651746cb2-7ff651746ce7 call 7ff651742770 * 2 call 7ff651745530 806->818 807->802 817->802 828 7ff651746ce9-7ff651746cf5 call 7ff651742960 818->828 829 7ff651746cfa-7ff651746d13 call 7ff651742770 call 7ff6517455f0 818->829 828->802 836 7ff651746d26-7ff651746d3f call 7ff651742770 call 7ff6517453e0 829->836 837 7ff651746d15-7ff651746d21 call 7ff651742960 829->837 844 7ff651746d41-7ff651746d4d call 7ff651742960 836->844 845 7ff651746d52-7ff651746d6b call 7ff651742770 call 7ff6517453d0 836->845 837->802 844->802 852 7ff651746d6d-7ff651746d79 call 7ff651742960 845->852 853 7ff651746d7e-7ff651746d9a call 7ff651742770 call 7ff6517456c0 845->853 852->802 860 7ff651746dad-7ff651746dbd call 7ff651742770 853->860 861 7ff651746d9c-7ff651746da8 call 7ff651742960 853->861 866 7ff651746dbf-7ff651746dde call 7ff651756280 call 7ff651758140 call 7ff651756280 call 7ff651758140 860->866 867 7ff651746de3-7ff651746e37 SetErrorMode * 2 860->867 861->802 866->867 872 7ff651746e42-7ff651746e44 867->872 874 7ff651746e46-7ff651746e78 call 7ff651742960 872->874 875 7ff651746e7a 872->875 874->802 875->802
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentProcess
                                                                                                                                                                                                      • String ID: Failed to allocate PyConfig structure! Unsupported python version?$Failed to parse run-time options!$Failed to pre-initialize embedded python interpreter!$Failed to set module search paths!$Failed to set program name!$Failed to set python home path!$Failed to set run-time options!$Failed to set sys.argv!$Failed to start embedded python interpreter!$LOADER: applying run-time options...$LOADER: creating PyConfig structure...$LOADER: initializing interpreter configuration...$LOADER: pre-initializing embedded python interpreter...$LOADER: setting module search paths...$LOADER: setting program name...$LOADER: setting python home path...$LOADER: setting sys.argv...$LOADER: starting embedded python interpreter...
                                                                                                                                                                                                      • API String ID: 2050909247-1204188993
                                                                                                                                                                                                      • Opcode ID: 76de96e28c80a5ae17d023ec4a0a086a80431369d4b6210839ebd9dfb883ac9a
                                                                                                                                                                                                      • Instruction ID: 5fc45082f0d361485ba663dd972f071dc4ed5f73ac9e8f99fff33939cd6e3876
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 76de96e28c80a5ae17d023ec4a0a086a80431369d4b6210839ebd9dfb883ac9a
                                                                                                                                                                                                      • Instruction Fuzzy Hash: E7611B11A0C64791FB11EB6DE8511B96360BF94B80F4C0031EA8EE26AFEFACF585C754
                                                                                                                                                                                                      Function 00007FF651741950 Relevance: 29.9, APIs: 2, Strings: 15, Instructions: 199COMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                      control_flow_graph 882 7ff651741950-7ff65174199d call 7ff651742770 call 7ff651744c50 887 7ff65174199f-7ff6517419b0 call 7ff651742770 882->887 888 7ff6517419b5-7ff6517419f5 call 7ff6517488f0 882->888 895 7ff651741c8e-7ff651741cb2 call 7ff65174d3e0 887->895 893 7ff651741a08-7ff651741a27 call 7ff651742770 call 7ff651751564 888->893 894 7ff6517419f7-7ff651741a03 call 7ff651742770 888->894 906 7ff651741a29-7ff651741a43 call 7ff651755d98 call 7ff651742b70 893->906 907 7ff651741a48-7ff651741a64 call 7ff65175122c 893->907 902 7ff651741c7b-7ff651741c7e call 7ff651750edc 894->902 908 7ff651741c83-7ff651741c8b 902->908 906->902 913 7ff651741a66-7ff651741a80 call 7ff651755d98 call 7ff651742b70 907->913 914 7ff651741a85-7ff651741a9a call 7ff651755db8 907->914 908->895 913->902 922 7ff651741a9c-7ff651741ab6 call 7ff651755d98 call 7ff651742b70 914->922 923 7ff651741abb-7ff651741b45 call 7ff651741cc0 * 2 call 7ff651751564 call 7ff651755dd4 914->923 922->902 936 7ff651741b4a-7ff651741b54 923->936 937 7ff651741b56-7ff651741b70 call 7ff651755d98 call 7ff651742b70 936->937 938 7ff651741b75-7ff651741b8e call 7ff65175122c 936->938 937->902 944 7ff651741b90-7ff651741baa call 7ff651755d98 call 7ff651742b70 938->944 945 7ff651741baf-7ff651741bcb call 7ff651750fa0 938->945 944->902 952 7ff651741bcd-7ff651741bd9 call 7ff651742960 945->952 953 7ff651741bde-7ff651741bec 945->953 952->902 953->902 956 7ff651741bf2-7ff651741bf9 953->956 958 7ff651741c01-7ff651741c07 956->958 959 7ff651741c09-7ff651741c16 958->959 960 7ff651741c20-7ff651741c2f 958->960 961 7ff651741c31-7ff651741c3a 959->961 960->960 960->961 962 7ff651741c3c-7ff651741c3f 961->962 963 7ff651741c4f 961->963 962->963 964 7ff651741c41-7ff651741c44 962->964 965 7ff651741c51-7ff651741c64 963->965 964->963 966 7ff651741c46-7ff651741c49 964->966 967 7ff651741c66 965->967 968 7ff651741c6d-7ff651741c79 965->968 966->963 969 7ff651741c4b-7ff651741c4d 966->969 967->968 968->902 968->958 969->965
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DebugOutputString
                                                                                                                                                                                                      • String ID: Could not allocate buffer for TOC!$Could not allocate memory for archive structure!$Could not read full TOC!$Error on file.$Failed to read cookie!$Failed to seek to cookie position!$LOADER: attempting to open archive %s$LOADER: cannot find cookie!$LOADER: cannot open archive: %s$LOADER: cookie found at offset 0x%llX$MEI$calloc$fread$fseek$malloc
                                                                                                                                                                                                      • API String ID: 1166629820-2612702325
                                                                                                                                                                                                      • Opcode ID: b1a98de62e7face5b3665d398b025f469994e3b0e784ec9b14af11c5f99a690a
                                                                                                                                                                                                      • Instruction ID: ab5f9cea90fb6fc173e7edca42b47cbb08ab1847b97952916f91916874d57835
                                                                                                                                                                                                      • Opcode Fuzzy Hash: b1a98de62e7face5b3665d398b025f469994e3b0e784ec9b14af11c5f99a690a
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 88917F31A0868686EB10EB2CE4542F933A1EF88784F484432D98EE779FDEBCF5458744
                                                                                                                                                                                                      Function 00007FF8328B8D30 Relevance: 29.9, APIs: 16, Strings: 1, Instructions: 143COMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                      control_flow_graph 970 7ff8328b8d30-7ff8328b8d48 971 7ff8328b8d4a-7ff8328b8d57 970->971 972 7ff8328b8d58-7ff8328b8d77 PyModule_Create2 970->972 973 7ff8328b8e35-7ff8328b8e38 972->973 974 7ff8328b8d7d-7ff8328b8da4 PyObject_GetAttrString PyModule_GetDict 972->974 975 7ff8328b8e3a-7ff8328b8e45 973->975 976 7ff8328b8e4d-7ff8328b8e50 973->976 977 7ff8328b8daa-7ff8328b8db0 974->977 978 7ff8328b8e2e 974->978 975->976 979 7ff8328b8e47 _Py_Dealloc 975->979 982 7ff8328b8e52-7ff8328b8e56 976->982 983 7ff8328b8e61-7ff8328b8e6b 976->983 980 7ff8328b8db2-7ff8328b8df8 call 7ff8328b4270 977->980 981 7ff8328b8e04 call 7ff8328c1ff0 977->981 978->973 979->976 980->978 994 7ff8328b8dfa 980->994 990 7ff8328b8e09-7ff8328b8e0b 981->990 982->983 985 7ff8328b8e58-7ff8328b8e5b _Py_Dealloc 982->985 986 7ff8328b8e80-7ff8328b8e8a 983->986 987 7ff8328b8e6d-7ff8328b8e78 983->987 985->983 991 7ff8328b8e9f-7ff8328b8ea9 986->991 992 7ff8328b8e8c-7ff8328b8e97 986->992 987->986 989 7ff8328b8e7a _Py_Dealloc 987->989 989->986 990->978 998 7ff8328b8e0d-7ff8328b8e11 990->998 996 7ff8328b8eab-7ff8328b8eb6 991->996 997 7ff8328b8ebe-7ff8328b8ec8 991->997 992->991 995 7ff8328b8e99 _Py_Dealloc 992->995 994->981 995->991 996->997 1001 7ff8328b8eb8 _Py_Dealloc 996->1001 1002 7ff8328b8eca-7ff8328b8ed5 997->1002 1003 7ff8328b8edd-7ff8328b8ee7 997->1003 999 7ff8328b8e13-7ff8328b8e16 _Py_Dealloc 998->999 1000 7ff8328b8e1c-7ff8328b8e2d 998->1000 999->1000 1001->997 1002->1003 1004 7ff8328b8ed7 _Py_Dealloc 1002->1004 1005 7ff8328b8ee9-7ff8328b8ef4 1003->1005 1006 7ff8328b8efc-7ff8328b8f06 1003->1006 1004->1003 1005->1006 1007 7ff8328b8ef6 _Py_Dealloc 1005->1007 1008 7ff8328b8f1b-7ff8328b8f25 1006->1008 1009 7ff8328b8f08-7ff8328b8f13 1006->1009 1007->1006 1010 7ff8328b8f27-7ff8328b8f32 1008->1010 1011 7ff8328b8f3a-7ff8328b8f44 1008->1011 1009->1008 1012 7ff8328b8f15 _Py_Dealloc 1009->1012 1010->1011 1013 7ff8328b8f34 _Py_Dealloc 1010->1013 1014 7ff8328b8f46-7ff8328b8f51 1011->1014 1015 7ff8328b8f59-7ff8328b8f63 1011->1015 1012->1008 1013->1011 1014->1015 1016 7ff8328b8f53 _Py_Dealloc 1014->1016 1017 7ff8328b8f65-7ff8328b8f70 1015->1017 1018 7ff8328b8f78-7ff8328b8f82 1015->1018 1016->1015 1017->1018 1019 7ff8328b8f72 _Py_Dealloc 1017->1019 1020 7ff8328b8f97-7ff8328b8fa3 1018->1020 1021 7ff8328b8f84-7ff8328b8f8f 1018->1021 1019->1018 1021->1020 1022 7ff8328b8f91 _Py_Dealloc 1021->1022 1022->1020
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685906558.00007FF8328B1000.00000020.00000001.01000000.00000012.sdmp, Offset: 00007FF8328B0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685870583.00007FF8328B0000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685947239.00007FF8328C5000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685983863.00007FF8328CB000.00000004.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1686019669.00007FF8328CF000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff8328b0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Module_$AttrCreate2DeallocDictObject_String
                                                                                                                                                                                                      • String ID: __name__
                                                                                                                                                                                                      • API String ID: 2272293537-3954359393
                                                                                                                                                                                                      • Opcode ID: c7dfa23e24619b3b6a6b2c70335f91a3b917a3ce639685580eccec247397ed14
                                                                                                                                                                                                      • Instruction ID: 3378642f2dc2fb4319f37c5f4dccd10dcdf64acc488b97ccab895cee6a38c96d
                                                                                                                                                                                                      • Opcode Fuzzy Hash: c7dfa23e24619b3b6a6b2c70335f91a3b917a3ce639685580eccec247397ed14
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 6671A038F0AA2A81FE559B65BC541B5B3A4BF84BD0F584938CA1D43A74DFBCB840A340
                                                                                                                                                                                                      Function 00007FF8328B46E0 Relevance: 29.9, APIs: 15, Strings: 2, Instructions: 118COMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685906558.00007FF8328B1000.00000020.00000001.01000000.00000012.sdmp, Offset: 00007FF8328B0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685870583.00007FF8328B0000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685947239.00007FF8328C5000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685983863.00007FF8328CB000.00000004.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1686019669.00007FF8328CF000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff8328b0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Dealloc$ItemObject_$Err_FormatFromImportObjectUnicode_$AttrClearDict_ErrorFilenameImport_LevelModuleModule_
                                                                                                                                                                                                      • String ID: %U.%U$cannot import name %R from %R (%S)
                                                                                                                                                                                                      • API String ID: 3630264407-438398067
                                                                                                                                                                                                      • Opcode ID: 6c93363f3a041544119e73659b1bd69e60de92cf4ac8987f66f4c27ced5c75bf
                                                                                                                                                                                                      • Instruction ID: 5dd1135a2627387ce3b6b4aab8bbad3f62cfd0695350471f471dca19d6760ad0
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 6c93363f3a041544119e73659b1bd69e60de92cf4ac8987f66f4c27ced5c75bf
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 87416471F0AA9681EE549F66AC142BAA3A0FB45FD4F448435CE4E17764DFBCE445E300
                                                                                                                                                                                                      Function 00007FF6517421C0 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 120COMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: MoveWindow$ObjectSelect$DrawReleaseText
                                                                                                                                                                                                      • String ID: P%
                                                                                                                                                                                                      • API String ID: 2147705588-2959514604
                                                                                                                                                                                                      • Opcode ID: 3500614061f5ceb163c3b7033a707fbd0e5c5059e6765f43b08d1a25968858d7
                                                                                                                                                                                                      • Instruction ID: aec2fc83917ab3110ab5652c791cfe80e63c0fbbdefc65bd3d45218d93d23d45
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 3500614061f5ceb163c3b7033a707fbd0e5c5059e6765f43b08d1a25968858d7
                                                                                                                                                                                                      • Instruction Fuzzy Hash: AB51F526618BA186D7249F36F4181BABBA1FB98B65F044121EFCF83699DF3CD045DB10
                                                                                                                                                                                                      Function 00007FF651741470 Relevance: 14.1, APIs: 1, Strings: 7, Instructions: 107COMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentProcess
                                                                                                                                                                                                      • String ID: Failed to extract %s: failed to allocate data buffer (%u bytes)!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$fread$fseek$malloc
                                                                                                                                                                                                      • API String ID: 2050909247-3659356012
                                                                                                                                                                                                      • Opcode ID: d3e38f389c0a4fef41d14293d96c6a2b611e2e3619649caaae3658b56427f215
                                                                                                                                                                                                      • Instruction ID: 09bb1422f60590cbf3d626142f696e2ba6b9fd841e1ff06f68dae0271ebdf72a
                                                                                                                                                                                                      • Opcode Fuzzy Hash: d3e38f389c0a4fef41d14293d96c6a2b611e2e3619649caaae3658b56427f215
                                                                                                                                                                                                      • Instruction Fuzzy Hash: F6419E22A0868686EB10EB29E4401F9B390EF44794F5C4932ED5DA7B9FDE7CF5428744
                                                                                                                                                                                                      Function 00007FF651743B40 Relevance: 14.1, APIs: 2, Strings: 6, Instructions: 66COMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetModuleFileNameW.KERNEL32(?,00007FF651743CC2), ref: 00007FF651743B71
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,00007FF651743CC2), ref: 00007FF651743B7B
                                                                                                                                                                                                        • Part of subcall function 00007FF651742EC0: GetCurrentProcessId.KERNEL32(?,?,?,?,?,?,?,?,00007FF651743B96,?,00007FF651743CC2), ref: 00007FF651742F0E
                                                                                                                                                                                                        • Part of subcall function 00007FF651742EC0: FormatMessageW.KERNEL32(?,?,?,?,?,?,?,?,00007FF651743B96,?,00007FF651743CC2), ref: 00007FF651742FD3
                                                                                                                                                                                                        • Part of subcall function 00007FF651742EC0: OutputDebugStringW.KERNEL32(?,?,?,?,?,?,?,00007FF651743B96,?,00007FF651743CC2), ref: 00007FF651742FF4
                                                                                                                                                                                                        • Part of subcall function 00007FF651742EC0: MessageBoxW.USER32 ref: 00007FF651743014
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Message$CurrentDebugErrorFileFormatLastModuleNameOutputProcessString
                                                                                                                                                                                                      • String ID: Failed to convert executable path to UTF-8.$Failed to obtain executable path.$Failed to resolve full path to executable %ls.$GetModuleFileNameW$LOADER: executable file %ls is a symbolic link - resolving...$\\?\
                                                                                                                                                                                                      • API String ID: 1136975792-3595768550
                                                                                                                                                                                                      • Opcode ID: 3f0d2045d867ba6a9036b7ecfe629d26dc74542ff17c6d43d71c23cd2c6b008d
                                                                                                                                                                                                      • Instruction ID: 759c783d5b66758d54ea41bd796b4dd84476865b2de10e960ec2e3b0214939cc
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 3f0d2045d867ba6a9036b7ecfe629d26dc74542ff17c6d43d71c23cd2c6b008d
                                                                                                                                                                                                      • Instruction Fuzzy Hash: C8317521B1C55291FB61972DE8553B92251FF58384F880132E9DEE25DFEFACE604C704
                                                                                                                                                                                                      Function 00007FF651746A60 Relevance: 13.6, APIs: 1, Strings: 8, Instructions: 88COMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentProcess
                                                                                                                                                                                                      • String ID: Failed to load Python DLL '%ls'.$LOADER: loading Python shared library: %s$LOADER: ucrtbase.dll found: %s$LoadLibrary$Path of Python shared library (%s) and its name (%s) exceed buffer size (%d)$Path of ucrtbase.dll (%s) and its name exceed buffer size (%d)$Reported length (%d) of Python shared library name (%s) exceeds buffer size (%d)$ucrtbase.dll
                                                                                                                                                                                                      • API String ID: 2050909247-523516585
                                                                                                                                                                                                      • Opcode ID: f5f4f5ab4b98f1ab22b91cfebf5103914fc62f94b6539b1a9f929637929838af
                                                                                                                                                                                                      • Instruction ID: 86970b8c47339debfa7b7dd151718a31e45f94cbeb6b5b6fbf3400f460718a7b
                                                                                                                                                                                                      • Opcode Fuzzy Hash: f5f4f5ab4b98f1ab22b91cfebf5103914fc62f94b6539b1a9f929637929838af
                                                                                                                                                                                                      • Instruction Fuzzy Hash: D0418131A1CA8B91EB21DB68E4441E96351FF44384F980132E69DE369FEFBCE655C740
                                                                                                                                                                                                      Function 00007FF651741210 Relevance: 12.4, APIs: 1, Strings: 6, Instructions: 158COMMON
                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                      control_flow_graph 1358 7ff651741210-7ff65174126d call 7ff65174cc10 1361 7ff651741297-7ff6517412af call 7ff651755dd4 1358->1361 1362 7ff65174126f-7ff651741296 call 7ff651742960 1358->1362 1367 7ff6517412b1-7ff6517412cf call 7ff651755d98 call 7ff651742b70 1361->1367 1368 7ff6517412d4-7ff6517412e4 call 7ff651755dd4 1361->1368 1379 7ff651741439-7ff65174146d call 7ff65174c8f0 call 7ff651755dc0 * 2 1367->1379 1374 7ff651741309-7ff65174131b 1368->1374 1375 7ff6517412e6-7ff651741304 call 7ff651755d98 call 7ff651742b70 1368->1375 1378 7ff651741320-7ff651741345 call 7ff65175122c 1374->1378 1375->1379 1387 7ff65174134b-7ff651741355 call 7ff651750fa0 1378->1387 1388 7ff651741431 1378->1388 1387->1388 1394 7ff65174135b-7ff651741367 1387->1394 1388->1379 1396 7ff651741370-7ff651741398 call 7ff65174b050 1394->1396 1399 7ff651741416-7ff65174142c call 7ff651742960 1396->1399 1400 7ff65174139a-7ff65174139d 1396->1400 1399->1388 1401 7ff651741411 1400->1401 1402 7ff65174139f-7ff6517413a9 1400->1402 1401->1399 1404 7ff6517413ab-7ff6517413b9 call 7ff65175196c 1402->1404 1405 7ff6517413d4-7ff6517413d7 1402->1405 1411 7ff6517413be-7ff6517413c1 1404->1411 1406 7ff6517413d9-7ff6517413e7 call 7ff65176acc0 1405->1406 1407 7ff6517413ea-7ff6517413ef 1405->1407 1406->1407 1407->1396 1410 7ff6517413f5-7ff6517413f8 1407->1410 1413 7ff65174140c-7ff65174140f 1410->1413 1414 7ff6517413fa-7ff6517413fd 1410->1414 1415 7ff6517413cf-7ff6517413d2 1411->1415 1416 7ff6517413c3-7ff6517413cd call 7ff651750fa0 1411->1416 1413->1388 1414->1399 1417 7ff6517413ff-7ff651741407 1414->1417 1415->1399 1416->1407 1416->1415 1417->1378
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentProcess
                                                                                                                                                                                                      • String ID: 1.3.1$Failed to extract %s: decompression resulted in return code %d!$Failed to extract %s: failed to allocate temporary input buffer!$Failed to extract %s: failed to allocate temporary output buffer!$Failed to extract %s: inflateInit() failed with return code %d!$malloc
                                                                                                                                                                                                      • API String ID: 2050909247-2813020118
                                                                                                                                                                                                      • Opcode ID: 94e75e3f23fe757e571664184b9b2a8f73626f214d7e78c7775f0fbb2bbdd99f
                                                                                                                                                                                                      • Instruction ID: 8e397e356f98320dc4b05d9ae4ae92af8fe08c282ed519b87bd3cfe2fb9dec68
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 94e75e3f23fe757e571664184b9b2a8f73626f214d7e78c7775f0fbb2bbdd99f
                                                                                                                                                                                                      • Instruction Fuzzy Hash: D551A022A0868282E760AB19E4403BA6290FF85794F5C4535EE8DE7B8FEF7CE445C700
                                                                                                                                                                                                      Function 00007FF65175C8EC Relevance: 10.8, APIs: 7, Instructions: 290COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3215553584-0
                                                                                                                                                                                                      • Opcode ID: f15b985ce3f152b18b66d5b07577823b310100741c724b4bc4395fbed96f4122
                                                                                                                                                                                                      • Instruction ID: d65e080deb78bdacdb93c8e2ae4261ae1abd16cb24f61b9817e3c15549b8e9d9
                                                                                                                                                                                                      • Opcode Fuzzy Hash: f15b985ce3f152b18b66d5b07577823b310100741c724b4bc4395fbed96f4122
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 54C1C222A0D78653E7608B1994443BD7BA9EB81B80F5E4931DA4EA379BDF7CE8458340
                                                                                                                                                                                                      Function 00007FF6517488F0 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 101COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DebugOutputString
                                                                                                                                                                                                      • String ID: LOADER: failed to allocate read buffer (%d bytes)!$LOADER: failed to read chunk (%zd bytes)!$LOADER: failed to seek to the end of the file!$LOADER: failed to seek to the offset 0x%llX!$LOADER: file is too short to contain magic pattern!
                                                                                                                                                                                                      • API String ID: 1166629820-3243231480
                                                                                                                                                                                                      • Opcode ID: 1f712d96750499e9c3273271098d8a7871214fc016dd1bc1211e10cb2011faa8
                                                                                                                                                                                                      • Instruction ID: 34979f0c843810f13b2b4563f8476f8d384a720747b9706fa7c2b146aeb1bdd0
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1f712d96750499e9c3273271098d8a7871214fc016dd1bc1211e10cb2011faa8
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 10318E11B5C65A42FB10ABAAA8143BA5251BF45BC4F8C1431DD8EE7B8FDEBCF5468300
                                                                                                                                                                                                      Function 00007FF6517423D0 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 81windowCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DeleteDestroyDialogHandleIconIndirectModuleObjectParam
                                                                                                                                                                                                      • String ID: Unhandled exception in script
                                                                                                                                                                                                      • API String ID: 3081866767-2699770090
                                                                                                                                                                                                      • Opcode ID: b21ab4fc2469cdafa3bedd3abf99b7b0ea163460fac471fc1db15480bf9fa156
                                                                                                                                                                                                      • Instruction ID: e23188b043cd35ae70fdf5923b82be0e49c2dfaddd8a4d096202cbef238b9ef2
                                                                                                                                                                                                      • Opcode Fuzzy Hash: b21ab4fc2469cdafa3bedd3abf99b7b0ea163460fac471fc1db15480bf9fa156
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 02315076A09A8285EB20DF69E8552FA7360FF88788F480135EA4D9BB5EDF3CD145C700
                                                                                                                                                                                                      Function 00007FF651742770 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 66COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DebugOutputString
                                                                                                                                                                                                      • String ID: DEBUG$[PYI-%d:%s]
                                                                                                                                                                                                      • API String ID: 1166629820-1289759194
                                                                                                                                                                                                      • Opcode ID: 4e2da7be96e34044e3c8c2166f3068f10969eb6c46fedfa1a9fbf2f37b8a8d35
                                                                                                                                                                                                      • Instruction ID: d9fb707385d4b4970c23c75bc2520a15931667840b757bd2a5b9f411f534c52c
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4e2da7be96e34044e3c8c2166f3068f10969eb6c46fedfa1a9fbf2f37b8a8d35
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 6D219422619B8292E7219B54F8516EA7368FF847C0F440035FACD93A5EEF7CE255C700
                                                                                                                                                                                                      Function 00007FF651742880 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 57COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF651743BC3,?,00007FF651743CC2), ref: 00007FF6517428CE
                                                                                                                                                                                                      • OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF651743BC3,?,00007FF651743CC2), ref: 00007FF651742938
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentDebugOutputProcessString
                                                                                                                                                                                                      • String ID: DEBUG$[PYI-%d:%ls]
                                                                                                                                                                                                      • API String ID: 181776342-790511422
                                                                                                                                                                                                      • Opcode ID: bc909d26c9dc07dfb65630bf97fe78a0f14605aa939dcb74c70597dff8d1da7a
                                                                                                                                                                                                      • Instruction ID: 7e22f158c00062a2fcf9b2d2f84df83ef673d359572449fd12af0d9bf73c5b9f
                                                                                                                                                                                                      • Opcode Fuzzy Hash: bc909d26c9dc07dfb65630bf97fe78a0f14605aa939dcb74c70597dff8d1da7a
                                                                                                                                                                                                      • Instruction Fuzzy Hash: F7118422718B8192E7109B54F8445AA7764FB887C0F440135EACDA3A5EDF7CE255C700
                                                                                                                                                                                                      Function 00007FF6517564B8 Relevance: 6.1, APIs: 4, Instructions: 90fileCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CloseCreateFileHandle_invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 1279662727-0
                                                                                                                                                                                                      • Opcode ID: d185cbf4a60f5ae576ca3d227a4fa15dfbff37ed7af454cf93889846c7a247a9
                                                                                                                                                                                                      • Instruction ID: f16d32365a8149ee6e828075e814cfabf9e0821b752aef5206d683066678cdf4
                                                                                                                                                                                                      • Opcode Fuzzy Hash: d185cbf4a60f5ae576ca3d227a4fa15dfbff37ed7af454cf93889846c7a247a9
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 7C41C162D1878283F7508B2495503797360FF947A4F199335E69CA3ADAEF7CA5E08704
                                                                                                                                                                                                      Function 00007FF651742100 Relevance: 6.1, APIs: 4, Instructions: 52COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: LongWindow$DialogInvalidateRect
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 1956198572-0
                                                                                                                                                                                                      • Opcode ID: 0d6a54b01a0c48151da7b8fe57f6b19d6aed648dbf882a6b24d0b939765cf479
                                                                                                                                                                                                      • Instruction ID: 51ffec2e069e4c5efd3b11f1be0ed45dce48b0c8bcff1d9e9fd2aa53c31bf8fb
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 0d6a54b01a0c48151da7b8fe57f6b19d6aed648dbf882a6b24d0b939765cf479
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 5E110825E0C14642FB549B6EF9446B92692EFC9780F8C8031DF8997B9FCD7CE8D54600
                                                                                                                                                                                                      Function 00007FF65174DACC Relevance: 4.6, APIs: 3, Instructions: 94COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: __scrt_acquire_startup_lock__scrt_dllmain_crt_thread_attach__scrt_get_show_window_mode__scrt_release_startup_lock
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3251591375-0
                                                                                                                                                                                                      • Opcode ID: 16d03e73980375e06462375b2106f8ecdc7d8f81dd6b90faf4ae389839a669cc
                                                                                                                                                                                                      • Instruction ID: e8f0823f6fbf4c855ea9501521903fb0e8a4a98f26929ee949405b18a6a8c2ca
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 16d03e73980375e06462375b2106f8ecdc7d8f81dd6b90faf4ae389839a669cc
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 88319E28E0C64386FB20AB6CD4513B922919FA0344F4D4439E9CDF76DFDEACAA44C254
                                                                                                                                                                                                      Function 00007FF65175A8C0 Relevance: 4.5, APIs: 3, Instructions: 14COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Process$CurrentExitTerminate
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 1703294689-0
                                                                                                                                                                                                      • Opcode ID: b76257344a5b50ebda4ee83f8be65098c3a4b9f4f631976851ec82effe05ecc4
                                                                                                                                                                                                      • Instruction ID: ba47d045e18a712abcf8746c78861d490e5d7edc9b95d136e4086f54660b965d
                                                                                                                                                                                                      • Opcode Fuzzy Hash: b76257344a5b50ebda4ee83f8be65098c3a4b9f4f631976851ec82effe05ecc4
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 78D09254B48B4A87FB182BB95C9507822A15F99B41F1D183DC84BB639BDE3CA84A8241
                                                                                                                                                                                                      Function 00007FF651750FCC Relevance: 3.2, APIs: 2, Instructions: 177COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3215553584-0
                                                                                                                                                                                                      • Opcode ID: 96884a4a3539bb240153a1accf893d2f9df282063f616c0c469399cf1f6d866f
                                                                                                                                                                                                      • Instruction ID: 6687eea7eb2d7bf9402647da4925fd34243b1a7988d6727f77c8d7e51a7bd6fe
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 96884a4a3539bb240153a1accf893d2f9df282063f616c0c469399cf1f6d866f
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 1151E661B0928587FB289A2E980067A6691BF45BA5F1E8734DD7CE77CFEF3CD4018601
                                                                                                                                                                                                      Function 00007FF65175CFC4 Relevance: 3.0, APIs: 2, Instructions: 46COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ErrorFileLastPointer
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2976181284-0
                                                                                                                                                                                                      • Opcode ID: 96d2edb60fa6006c921da832751023f9e82c24f7d036db6c415003cfc4d6a9e5
                                                                                                                                                                                                      • Instruction ID: 0fd2684e0fa1c589f8b9de47924f92629c04f347822bcc639224714ef93f96a8
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 96d2edb60fa6006c921da832751023f9e82c24f7d036db6c415003cfc4d6a9e5
                                                                                                                                                                                                      • Instruction Fuzzy Hash: D211C462618A8182DB208B29E4441697361EB44BF4F584331EE7D977EECF7CD1558700
                                                                                                                                                                                                      Function 00007FF65175B9E8 Relevance: 2.6, APIs: 2, Instructions: 59COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • CloseHandle.KERNEL32(?,?,?,00007FF65175B865,?,?,00000000,00007FF65175B91A), ref: 00007FF65175BA56
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,?,?,00007FF65175B865,?,?,00000000,00007FF65175B91A), ref: 00007FF65175BA60
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CloseErrorHandleLast
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 918212764-0
                                                                                                                                                                                                      • Opcode ID: 112934bd90ed67d7ea17ef96cdf701313af9393377a295654a3cf3f6e4ed98fb
                                                                                                                                                                                                      • Instruction ID: e5b4d058a53a081300f11aa851cbb62efb7b3215aa972a06f40eea00d0df741a
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 112934bd90ed67d7ea17ef96cdf701313af9393377a295654a3cf3f6e4ed98fb
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4621AE61F1868243FF50572D94D027922929F85BA5F1E4235EA2EE73DFCE7CE5458300
                                                                                                                                                                                                      Function 00007FF65175CD3C Relevance: 1.6, APIs: 1, Instructions: 112COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3215553584-0
                                                                                                                                                                                                      • Opcode ID: 344e63662847237e0b97254d560fa1a354dc3eb6544fb98752088a82209b4f15
                                                                                                                                                                                                      • Instruction ID: 5eb40b1262d1ab241cbfff97ae52983635cff213c7586a87a7f9b58205f13d0b
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 344e63662847237e0b97254d560fa1a354dc3eb6544fb98752088a82209b4f15
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 3B41D032A0964583EB348B2DA58027977A4EF5AF40F190531DA8EE769BCF3CE442C790
                                                                                                                                                                                                      Function 00007FF65175C7CC Relevance: 1.6, APIs: 1, Instructions: 79COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3215553584-0
                                                                                                                                                                                                      • Opcode ID: 80921bc84da075a198c8dc568ab56c815ecc283854dc6cd5fe02cf1a5eab9509
                                                                                                                                                                                                      • Instruction ID: bc8fa3254297e186de6200aeebf758595058541dbc65c20356962f4b9ecf1c3c
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 80921bc84da075a198c8dc568ab56c815ecc283854dc6cd5fe02cf1a5eab9509
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 2F319022E1961297F7116B1D888137C2764AF44BA0F5A0635E92DE33DBCFBCF4828751
                                                                                                                                                                                                      Function 00007FF65175A7F1 Relevance: 1.6, APIs: 1, Instructions: 61COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: HandleModule$AddressFreeLibraryProc
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3947729631-0
                                                                                                                                                                                                      • Opcode ID: 5c87d5e2cdc2aee00809c2c9bd46e42fe3ca8807361521a4afe60ccc332579e8
                                                                                                                                                                                                      • Instruction ID: d03f3164640d74032c043d41867083d51385bbc82e12510fee43bf31ff8fe65a
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 5c87d5e2cdc2aee00809c2c9bd46e42fe3ca8807361521a4afe60ccc332579e8
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 99217F32E04F858AFB658F68C4402FC37A0EB54718F494635D61DA7ADADF38E545CB80
                                                                                                                                                                                                      Function 00007FF651756E24 Relevance: 1.6, APIs: 1, Instructions: 55COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3215553584-0
                                                                                                                                                                                                      • Opcode ID: d0ecc1d4814c8292f6d285d86e9f4332b8d7141ecd04c52723bb65a1ba9d936a
                                                                                                                                                                                                      • Instruction ID: 395daaa41463274c1299a712b9f82f1c02f82cfe0ad424fa98c8a7525546b943
                                                                                                                                                                                                      • Opcode Fuzzy Hash: d0ecc1d4814c8292f6d285d86e9f4332b8d7141ecd04c52723bb65a1ba9d936a
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 47114F22A1C74183EF60AF59D40027DA260AF85B80F4A4831FA4CA7A9FDF3DD590C744
                                                                                                                                                                                                      Function 00007FF6517671E4 Relevance: 1.6, APIs: 1, Instructions: 54COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3215553584-0
                                                                                                                                                                                                      • Opcode ID: 1efe6439c1f0d71c5b97f8069ea4f116aceac123a977d1e365d726560a3bc520
                                                                                                                                                                                                      • Instruction ID: fafd1db2556ae763cf6f8ba92d86dd1815e88a9374e810533e4fe74e65c844ad
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1efe6439c1f0d71c5b97f8069ea4f116aceac123a977d1e365d726560a3bc520
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 1F2183726086868BDB619F2DD44037977B1AB84B94F1C4234EB9D976DEDF3CD8018B00
                                                                                                                                                                                                      Function 00007FF65175124C Relevance: 1.5, APIs: 1, Instructions: 48COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3215553584-0
                                                                                                                                                                                                      • Opcode ID: 8e9754deeba93abb4745aa2efb451e77357aefa8fb0fbddb16feb6c8c90fdd62
                                                                                                                                                                                                      • Instruction ID: 86ea47307582645f681f6e4f772fab9f26b640449141d38118afb840c399eaee
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 8e9754deeba93abb4745aa2efb451e77357aefa8fb0fbddb16feb6c8c90fdd62
                                                                                                                                                                                                      • Instruction Fuzzy Hash: B301A161B0874642EB04AB5A9901179A791BF86FE0F0D4631EE6CA7BDFDF3CD4018300
                                                                                                                                                                                                      Function 00007FF651749E00 Relevance: 1.5, APIs: 1, Instructions: 19libraryCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                        • Part of subcall function 00007FF65174A220: MultiByteToWideChar.KERNEL32(?,?,?,00007FF651743CB6), ref: 00007FF65174A259
                                                                                                                                                                                                      • LoadLibraryExW.KERNEL32(?,00007FF651746B9B,?,00007FF6517435EE), ref: 00007FF651749E22
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ByteCharLibraryLoadMultiWide
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2592636585-0
                                                                                                                                                                                                      • Opcode ID: 0ba4ba0886fdba962a4c10cd5da52061db09c2fc3119bec6b34d6e825f600a8c
                                                                                                                                                                                                      • Instruction ID: 5c83dbdea5a6c13e9afbd2d902a0da93c8c26102ee66d09394a73fff0eaad1a4
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 0ba4ba0886fdba962a4c10cd5da52061db09c2fc3119bec6b34d6e825f600a8c
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 62D0C202F2865641FB44A76BBA8657951519FCABC0F4C9035EE5D53B4BDC3CD0810B00
                                                                                                                                                                                                      Function 00007FF820832B58 Relevance: 1.5, APIs: 1, Instructions: 12COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Free
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3978063606-0
                                                                                                                                                                                                      • Opcode ID: fb128cc568dcee73a38db5d6e8c2531c5ff05eb1f8ac0af479b44c2e35020676
                                                                                                                                                                                                      • Instruction ID: f2e63579db5821d546d7a2ffcdc461212e46ca5fa37b2fd38dc53ec83ee42f65
                                                                                                                                                                                                      • Opcode Fuzzy Hash: fb128cc568dcee73a38db5d6e8c2531c5ff05eb1f8ac0af479b44c2e35020676
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 9DC01226F064038BF70823398C6B2BE12905F98750F918039E40FC2BE1CD0CB8998B00
                                                                                                                                                                                                      Function 00007FF65175E48C Relevance: 1.3, APIs: 1, Instructions: 29memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • HeapAlloc.KERNEL32(?,?,?,00007FF651751A74,?,?,?,00007FF651752F86,?,?,?,?,?,00007FF651754579), ref: 00007FF65175E4CA
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: AllocHeap
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 4292702814-0
                                                                                                                                                                                                      • Opcode ID: efacbb839d677795a0d989681b51e67fb8ba832133a292f9e9a9629c8f364437
                                                                                                                                                                                                      • Instruction ID: eb3102185389ea7552129614af7010a805cf02fa4ae94ca86513eee9f0664e3b
                                                                                                                                                                                                      • Opcode Fuzzy Hash: efacbb839d677795a0d989681b51e67fb8ba832133a292f9e9a9629c8f364437
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 22F08201B0C20B43FFB416AA5945679A6804F44770F0E0730EE2EE52CBDE3CA4C08151

                                                                                                                                                                                                      Non-executed Functions

                                                                                                                                                                                                      Function 00007FF6517497F0 Relevance: 112.3, APIs: 36, Strings: 28, Instructions: 319synchronizationwindowregistryCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ErrorLast$MessageObjectProcessSingleWait$Window$CloseCreateHandlePeek$ByteCharClassCodeCommandConsoleCtrlCurrentDebugDestroyDispatchExitHandlerInfoLineMultiOutputRegisterShowStartupStringTerminateTranslateWide
                                                                                                                                                                                                      • String ID: CreateProcessW$Failed to create child process!$LOADER: TerminateProcess call failed (%d)$LOADER: WaitForSingleObject() failed with error code %d!$LOADER: child process has finished - exiting the wait loop!$LOADER: child process has finished.$LOADER: child process not terminated!$LOADER: child process started!$LOADER: child process terminated!$LOADER: creating hidden window to capture system shutdown events...$LOADER: done waiting for WM_QUERYENDSESSION - message received!$LOADER: done waiting for WM_QUERYENDSESSION - timed-out!$LOADER: entering the waiting loop...$LOADER: failed to create hidden window (%d)!$LOADER: failed to install console ctrl handler!$LOADER: failed to register hidden window class (%d)!$LOADER: handling console shutdown - giving the child %d ms to exit...$LOADER: hidden window created!$LOADER: made it out of the waiting loop!$LOADER: received console shutdown event - exiting the wait loop!$LOADER: received session shutdown signal via WM_QUERYENDSESSION; waiting for WM_ENDSESSION...$LOADER: retrieving process exit code and performing cleanup...$LOADER: setting up child process...$LOADER: terminating the child process...$LOADER: waited %lld ms / %d ms...$LOADER: waiting %d ms in case we receive WM_QUERYENDSESSION...$PyInstaller Onefile Hidden Window$PyInstallerOnefileHiddenWindow
                                                                                                                                                                                                      • API String ID: 247756579-819605309
                                                                                                                                                                                                      • Opcode ID: 9e68f0d3c1ae404164363dc681d093a88c430c894559e0f741e3528e3a4623fa
                                                                                                                                                                                                      • Instruction ID: 36797b3b173282b392f80cef93af6ef5bcbea2a05d2702cc67104de7012c0a46
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 9e68f0d3c1ae404164363dc681d093a88c430c894559e0f741e3528e3a4623fa
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 0AF17E21B08A8696FB14DB38E8502BD3764FF85754F480136EA9EE36AADF7CE554C700
                                                                                                                                                                                                      Function 00007FF8209E6100 Relevance: 31.9, APIs: 10, Strings: 8, Instructions: 351stringCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: strspn$strncmp$strcspn
                                                                                                                                                                                                      • String ID: $ $ ,$..\s\crypto\pem\pem_lib.c$DEK-Info:$ENCRYPTED$Expecting: $Proc-Type:
                                                                                                                                                                                                      • API String ID: 232339659-387852012
                                                                                                                                                                                                      • Opcode ID: 8be539a613429d7eb8b2d54264751394b79e397c948cf56b42e5174d40365310
                                                                                                                                                                                                      • Instruction ID: 770f32d2b3081e9ea894b03167e280d912d48ec2a388255f7b1ad9023b9dbf08
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 8be539a613429d7eb8b2d54264751394b79e397c948cf56b42e5174d40365310
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 11F14E62F0874686FB14CB629C446BD27A1BB49BC8F804036DA4E57796EF3CF91AC740
                                                                                                                                                                                                      Function 00007FF821D2FEB0 Relevance: 24.5, APIs: 16, Instructions: 493COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: log2$memset$memmove
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 1685334282-0
                                                                                                                                                                                                      • Opcode ID: d0ebc9dcb9b4dfbefd1d47e463b8048210ff77d408c872b9899fd701b123924b
                                                                                                                                                                                                      • Instruction ID: 99c738bdaeab36a4d5a38127c0926a4836fc79e6841db01c62e68d3a26c80513
                                                                                                                                                                                                      • Opcode Fuzzy Hash: d0ebc9dcb9b4dfbefd1d47e463b8048210ff77d408c872b9899fd701b123924b
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 80229F32E18F85C6EB1A9B2495403BAA765FF997C4F658332DB8E66754DF3CF0428600
                                                                                                                                                                                                      Function 00007FF821D2F400 Relevance: 24.5, APIs: 16, Instructions: 493COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: log2$memset$memmove
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 1685334282-0
                                                                                                                                                                                                      • Opcode ID: 1edd070486128180aaf4a9b6a699bce50f64173daa6afe7625103dfdb958fdbf
                                                                                                                                                                                                      • Instruction ID: 7f9fa55966ae45842efe0d3d83fbf33f64205dfccafc978a7ae67ea01c4aae60
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1edd070486128180aaf4a9b6a699bce50f64173daa6afe7625103dfdb958fdbf
                                                                                                                                                                                                      • Instruction Fuzzy Hash: CC22DF32A18F85C6EB568A3499103BAB769FF557C4F258732DA9B63751DF3DF0828200
                                                                                                                                                                                                      Function 00007FF820832671 Relevance: 21.2, APIs: 7, Strings: 5, Instructions: 168COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: EnvironmentVariable$ByteCharMultiWide
                                                                                                                                                                                                      • String ID: .rnd$HOME$RANDFILE$SYSTEMROOT$USERPROFILE
                                                                                                                                                                                                      • API String ID: 2184640988-1666712896
                                                                                                                                                                                                      • Opcode ID: 6ae7bf8170fe4eb4311700b15542d8ceb35a2668fc38af68052a7f4661d56c96
                                                                                                                                                                                                      • Instruction ID: cf61ae702b54b2a832d68e7982c0ae205f803cce50a7a0ac7d6c196cd7babf15
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 6ae7bf8170fe4eb4311700b15542d8ceb35a2668fc38af68052a7f4661d56c96
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 7D618322608B8296EB158F259C5427A77A1EF49BE8B844231EE6F47BD5DF7DF405C300
                                                                                                                                                                                                      Function 00007FF82083322E Relevance: 19.8, APIs: 13, Instructions: 251fileCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ByteCharMultiWide_errno$FileFind$ErrorFirstLastNextfreemalloc
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2879850182-0
                                                                                                                                                                                                      • Opcode ID: 2d14182a43d6b154a267ad0b98e55e0737c9bb517ed9d516c0e43a6e55635043
                                                                                                                                                                                                      • Instruction ID: aeabcaf26e622b2145c583f8f9e50dad3180bdf524180a5456d8b555312ddd2b
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 2d14182a43d6b154a267ad0b98e55e0737c9bb517ed9d516c0e43a6e55635043
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 67B1A022A05A86C6EB209F25DC5827D67A0FF48BE5F948235DA5E537E6EF3CF5418300
                                                                                                                                                                                                      Function 00007FF821D26FC0 Relevance: 18.4, APIs: 12, Instructions: 450COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: log2
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 4048861018-0
                                                                                                                                                                                                      • Opcode ID: 1ba6ff57bb3133cb648baf168f3054a4e5542cce55b8d95569e4c63513385875
                                                                                                                                                                                                      • Instruction ID: c43e814db52639ebc90247a0e7ab25c12c0f4477aa366dd3db83eaf0985f7581
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1ba6ff57bb3133cb648baf168f3054a4e5542cce55b8d95569e4c63513385875
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 3E02B172F58E01CEE757C63489413BAAB66AF253D4F268333E91BB6655DF3C70828600
                                                                                                                                                                                                      Function 00007FF651748E90 Relevance: 17.6, APIs: 6, Strings: 4, Instructions: 100fileCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • FindFirstFileW.KERNEL32(?,00007FF651749729,00007FF651743A80), ref: 00007FF651748EFB
                                                                                                                                                                                                      • RemoveDirectoryW.KERNEL32(?,00007FF651749729,00007FF651743A80), ref: 00007FF651748F86
                                                                                                                                                                                                      • DeleteFileW.KERNEL32(?,00007FF651749729,00007FF651743A80), ref: 00007FF651748FBB
                                                                                                                                                                                                      • FindNextFileW.KERNEL32(?,00007FF651749729,00007FF651743A80), ref: 00007FF651748FE1
                                                                                                                                                                                                      • FindClose.KERNEL32(?,00007FF651749729,00007FF651743A80), ref: 00007FF651748FF2
                                                                                                                                                                                                      • RemoveDirectoryW.KERNEL32(?,00007FF651749729,00007FF651743A80), ref: 00007FF651748FFB
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: FileFind$DirectoryRemove$CloseDeleteFirstNext
                                                                                                                                                                                                      • String ID: %s\*$LOADER: failed to remove directory symbolic link: %ls$LOADER: failed to remove directory: %ls$LOADER: failed to remove file: %ls
                                                                                                                                                                                                      • API String ID: 1057558799-1659351542
                                                                                                                                                                                                      • Opcode ID: f802805698d42e27875edb504d05d6784fb30aaadce349cc1165116ee08b7f93
                                                                                                                                                                                                      • Instruction ID: b47d5a1c2575a0821f87038bf5fc17fa8300ef0487ea8d73fe101b3ba20b8b22
                                                                                                                                                                                                      • Opcode Fuzzy Hash: f802805698d42e27875edb504d05d6784fb30aaadce349cc1165116ee08b7f93
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 97418221B0C547D1EB609B68E4541BA63A1FB94794F880532EBDEE36DEEF6CD50AC700
                                                                                                                                                                                                      Function 00007FF820711860 Relevance: 13.9, APIs: 9, Instructions: 437COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Mem_$SubtypeType_$DataFreeFromKindMallocReallocUnicode_
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 1742244024-0
                                                                                                                                                                                                      • Opcode ID: c9d9c4627cf2f8baa2e07995f47ef7262a1ee094cf9010b1a5e97e1c28034e83
                                                                                                                                                                                                      • Instruction ID: a04059eaab02152e641135a1167d01f5a21e7b3779929b1a4e3b0e41389f2bab
                                                                                                                                                                                                      • Opcode Fuzzy Hash: c9d9c4627cf2f8baa2e07995f47ef7262a1ee094cf9010b1a5e97e1c28034e83
                                                                                                                                                                                                      • Instruction Fuzzy Hash: D4020372B0C5928AEB648B14EC94679A7A1FF457C6F148135EA9E4ABD4EF3EF540C300
                                                                                                                                                                                                      Function 00007FF820713028 Relevance: 13.6, APIs: 9, Instructions: 72COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ExceptionFilterPresentUnhandledmemset$CaptureContextDebuggerEntryFeatureFunctionLookupProcessorUnwindVirtual
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 313767242-0
                                                                                                                                                                                                      • Opcode ID: bc038827588cf40f583b99cfdd4304ae94c893dbf377535741e30029c5cf38f6
                                                                                                                                                                                                      • Instruction ID: 8f3e0c5171b8229b0eb1a79bde02d4ba3cefded0d14985b7e39369cfb66d0a5f
                                                                                                                                                                                                      • Opcode Fuzzy Hash: bc038827588cf40f583b99cfdd4304ae94c893dbf377535741e30029c5cf38f6
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 23313E72609B8189EB609F60E8907EDB375FB88785F44443ADA4E47BD8DF39E648C710
                                                                                                                                                                                                      Function 00007FF821D27660 Relevance: 10.8, APIs: 7, Instructions: 267COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: log2$memset
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3759962277-0
                                                                                                                                                                                                      • Opcode ID: 0a616068c14d0cc25b55d560957346411adc6e39c4d7ed9e6f163420d756dbf1
                                                                                                                                                                                                      • Instruction ID: 0f5e1ee3d9165c15dbb1808a90ca164b763bdea15f4284ceb7282175a41e224c
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 0a616068c14d0cc25b55d560957346411adc6e39c4d7ed9e6f163420d756dbf1
                                                                                                                                                                                                      • Instruction Fuzzy Hash: D2B11522F18E55C9EB67863489003BAEA16AF657D4F26C333E95F67755DF7CB0828200
                                                                                                                                                                                                      Function 00007FF821D16F40 Relevance: 10.8, APIs: 5, Strings: 1, Instructions: 265COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: exitmemset
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2099101326-2920267241
                                                                                                                                                                                                      • Opcode ID: 1e7f654b3abe498549c85a9da2b5d6289def08c45c33cc899f933d97bd9daf92
                                                                                                                                                                                                      • Instruction ID: 0492e541881f2bfa68a9ee679a8efe4bc2437c747f615a5bb9fbb83b4fcd1141
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1e7f654b3abe498549c85a9da2b5d6289def08c45c33cc899f933d97bd9daf92
                                                                                                                                                                                                      • Instruction Fuzzy Hash: BCC10476618F8486DB60CB16F8407AABBA4F789BC4F544126EE8C83B69DF38D155CB00
                                                                                                                                                                                                      Function 00007FF820835A24 Relevance: 10.6, APIs: 7, Instructions: 73COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ExceptionFilterPresentUnhandled$CaptureContextDebuggerEntryFeatureFunctionLookupProcessorUnwindVirtual
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3140674995-0
                                                                                                                                                                                                      • Opcode ID: fd064582dca017b65f84a5af08fa13e40438419c70a5fa8198f5f7a8a5acb07e
                                                                                                                                                                                                      • Instruction ID: ad8631aa70ed87b5259595ccf38e9f2883993ad911a0bfaf6d7226bb431cd37a
                                                                                                                                                                                                      • Opcode Fuzzy Hash: fd064582dca017b65f84a5af08fa13e40438419c70a5fa8198f5f7a8a5acb07e
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 21315E73608B8199EB608F60EC507EE7364FB94784F84443ADA4E47BA9EF78E548C710
                                                                                                                                                                                                      Function 00007FF65174DFBC Relevance: 10.6, APIs: 7, Instructions: 71COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ExceptionFilterPresentUnhandled$CaptureContextDebuggerEntryFeatureFunctionLookupProcessorUnwindVirtual
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3140674995-0
                                                                                                                                                                                                      • Opcode ID: c3adc2d70a46416e0016ebc7a976b5d71081f12b88a2fc355b22615e51f13282
                                                                                                                                                                                                      • Instruction ID: 10743bfd02f783bba879a84b273c2c13b514d47fbe3fcfacf1b16222f08a2487
                                                                                                                                                                                                      • Opcode Fuzzy Hash: c3adc2d70a46416e0016ebc7a976b5d71081f12b88a2fc355b22615e51f13282
                                                                                                                                                                                                      • Instruction Fuzzy Hash: E6315272709B858AEB608F64E8807ED7360FB84704F08443ADA4D97B99DF7CD648C710
                                                                                                                                                                                                      Function 00007FF651766A90 Relevance: 9.3, APIs: 6, Instructions: 334timeCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • _get_daylight.LIBCMT ref: 00007FF651766AD5
                                                                                                                                                                                                        • Part of subcall function 00007FF651766428: _invalid_parameter_noinfo.LIBCMT ref: 00007FF65176643C
                                                                                                                                                                                                        • Part of subcall function 00007FF65175B7D8: HeapFree.KERNEL32(?,?,?,00007FF651763BB2,?,?,?,00007FF651763BEF,?,?,00000000,00007FF6517640B5,?,?,?,00007FF651763FE7), ref: 00007FF65175B7EE
                                                                                                                                                                                                        • Part of subcall function 00007FF65175B7D8: GetLastError.KERNEL32(?,?,?,00007FF651763BB2,?,?,?,00007FF651763BEF,?,?,00000000,00007FF6517640B5,?,?,?,00007FF651763FE7), ref: 00007FF65175B7F8
                                                                                                                                                                                                        • Part of subcall function 00007FF65175B790: IsProcessorFeaturePresent.KERNEL32(?,?,?,?,00007FF65175B76F,?,?,?,?,?,00007FF65175B65A), ref: 00007FF65175B799
                                                                                                                                                                                                        • Part of subcall function 00007FF65175B790: GetCurrentProcess.KERNEL32(?,?,?,?,00007FF65175B76F,?,?,?,?,?,00007FF65175B65A), ref: 00007FF65175B7BE
                                                                                                                                                                                                      • _get_daylight.LIBCMT ref: 00007FF651766AC4
                                                                                                                                                                                                        • Part of subcall function 00007FF651766488: _invalid_parameter_noinfo.LIBCMT ref: 00007FF65176649C
                                                                                                                                                                                                      • _get_daylight.LIBCMT ref: 00007FF651766D3A
                                                                                                                                                                                                      • _get_daylight.LIBCMT ref: 00007FF651766D4B
                                                                                                                                                                                                      • _get_daylight.LIBCMT ref: 00007FF651766D5C
                                                                                                                                                                                                      • GetTimeZoneInformation.KERNEL32(?,?,?,?,?,?,?,?,?,00000000,?,00007FF651766F9C), ref: 00007FF651766D83
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _get_daylight$_invalid_parameter_noinfo$CurrentErrorFeatureFreeHeapInformationLastPresentProcessProcessorTimeZone
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 4070488512-0
                                                                                                                                                                                                      • Opcode ID: 21d60ebfbae8e31730b035635c8b8c2b126424aee6fcc9a8911b7a28c2f6a71d
                                                                                                                                                                                                      • Instruction ID: ba04d112bd39887c751ceaaf69b5c27b43af004528ebd66845bb2bad1d7df15e
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 21d60ebfbae8e31730b035635c8b8c2b126424aee6fcc9a8911b7a28c2f6a71d
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 32D1B426F1865686EB20AF29D4911B967A1FF84B84F884035EE4DE7A8FDF3CE441C744
                                                                                                                                                                                                      Function 00007FF821D0F5D0 Relevance: 9.2, APIs: 6, Instructions: 245COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: memset$log2
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3851851888-0
                                                                                                                                                                                                      • Opcode ID: 64f3392d5d0c07b22c2d9f88ec33949d3f89d5b72106fb347fe14f0603d3ecf4
                                                                                                                                                                                                      • Instruction ID: 625a4a6a0864234e43d2c5d21ca48d51e3e74f376e0046c54cce0707c7fe457d
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 64f3392d5d0c07b22c2d9f88ec33949d3f89d5b72106fb347fe14f0603d3ecf4
                                                                                                                                                                                                      • Instruction Fuzzy Hash: FEA1D822A18FD5C6D7128B35A8007AABB95FF96BC4F648231DA4E67655DF3CF046C700
                                                                                                                                                                                                      Function 00007FF821D10EB0 Relevance: 9.2, APIs: 6, Instructions: 239COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: memset$log2
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3851851888-0
                                                                                                                                                                                                      • Opcode ID: 9cac2ff7569d438a0fc14b80d39a9464d9c8e47c46ba66bb0d0afa152fd710d5
                                                                                                                                                                                                      • Instruction ID: 01244b14375245e43f92db19c14709ca5223a4cced20786de6a0929c9a637aae
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 9cac2ff7569d438a0fc14b80d39a9464d9c8e47c46ba66bb0d0afa152fd710d5
                                                                                                                                                                                                      • Instruction Fuzzy Hash: F7A1C322A18FD5C9E7128B75A8013AAEB65FF967C4F548332DA4E67655CF3CF086C600
                                                                                                                                                                                                      Function 00007FF821D12700 Relevance: 9.2, APIs: 6, Instructions: 239COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: memset$log2
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3851851888-0
                                                                                                                                                                                                      • Opcode ID: 630956aaa5f078cabb962465cabea9a2edb90d42bcb192cf7cf7d8a395303877
                                                                                                                                                                                                      • Instruction ID: 6c24799f52ffd22e2551529a238393d2a8acfb5506fdb37f0b054bdc3446c140
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 630956aaa5f078cabb962465cabea9a2edb90d42bcb192cf7cf7d8a395303877
                                                                                                                                                                                                      • Instruction Fuzzy Hash: FDA1C422A18FC5C9E7128B75A8007AAEB55FF967C4F248232DA4E67655DF3DF046CB00
                                                                                                                                                                                                      Function 00007FF65175B4A4 Relevance: 9.1, APIs: 6, Instructions: 83COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ExceptionFilterUnhandled$CaptureContextDebuggerEntryFunctionLookupPresentUnwindVirtual
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 1239891234-0
                                                                                                                                                                                                      • Opcode ID: 4ae03e7b9a19b86c5d22b90a6790336bc10b9c87be4c5dc0ee32ae9123a7051c
                                                                                                                                                                                                      • Instruction ID: 0f0c595205b042ada564cf4067e642b8a3197363dc227a9a07a75815fb1eca30
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4ae03e7b9a19b86c5d22b90a6790336bc10b9c87be4c5dc0ee32ae9123a7051c
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 02316636618B858ADB60CF69E8802BE73A4FB89758F580135EE9D93B59DF3CD145C700
                                                                                                                                                                                                      Function 00007FF821D0E090 Relevance: 7.9, APIs: 5, Instructions: 359COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • log2.API-MS-WIN-CRT-MATH-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000100,?), ref: 00007FF821D0E341
                                                                                                                                                                                                      • log2.API-MS-WIN-CRT-MATH-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000100,?), ref: 00007FF821D0E3C5
                                                                                                                                                                                                      • log2.API-MS-WIN-CRT-MATH-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000100,?), ref: 00007FF821D0E551
                                                                                                                                                                                                      • log2.API-MS-WIN-CRT-MATH-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000100,?), ref: 00007FF821D0E5B0
                                                                                                                                                                                                      • log2.API-MS-WIN-CRT-MATH-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000100,?), ref: 00007FF821D0E600
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: log2
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 4048861018-0
                                                                                                                                                                                                      • Opcode ID: 4ce18a24f6bbc4e66d1632d99029d87051404aa3dbe531e978db1d1c2478575e
                                                                                                                                                                                                      • Instruction ID: fee116b49640315f0771d22e260a57a04aa11a9ba3646ea3aa547809abae5d7c
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4ce18a24f6bbc4e66d1632d99029d87051404aa3dbe531e978db1d1c2478575e
                                                                                                                                                                                                      • Instruction Fuzzy Hash: B9E1C631E28E85CAE717873999003B9A796EF99BD4F358335D54F62754EF39F0828A00
                                                                                                                                                                                                      Function 00007FF651762704 Relevance: 7.8, APIs: 5, Instructions: 282COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: FileFindFirst_invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2227656907-0
                                                                                                                                                                                                      • Opcode ID: cf7461f85acd42e3485247e372fbe24a613c1ef59c66a98e18cf909f25cb1e89
                                                                                                                                                                                                      • Instruction ID: c960f80b3379312cea58fe29fa19589c329e20415d5a2bb1753755ef005fe0f9
                                                                                                                                                                                                      • Opcode Fuzzy Hash: cf7461f85acd42e3485247e372fbe24a613c1ef59c66a98e18cf909f25cb1e89
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4BB1C622B1869A41EBA19B29D8005BD7391EB84BE4F5C5132EE4DA7BCEDF7CE541C700
                                                                                                                                                                                                      Function 00007FF821D27AA0 Relevance: 6.2, APIs: 4, Instructions: 169COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: log2$memset
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3759962277-0
                                                                                                                                                                                                      • Opcode ID: 7cb003af3fe56c2fa4ef3186a0cf0e2ba4dccb740a689c643034ce6301a7a5df
                                                                                                                                                                                                      • Instruction ID: dccc948bcc005026c530085dcb57e7563a8e3cf2ad33174a183be02834d06bfb
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 7cb003af3fe56c2fa4ef3186a0cf0e2ba4dccb740a689c643034ce6301a7a5df
                                                                                                                                                                                                      • Instruction Fuzzy Hash: F1617962F08E85C9EB37833899113BA9652AFA57C4F25C333DA5F77A45EF2CB0428500
                                                                                                                                                                                                      Function 00007FF821D20600 Relevance: 6.2, APIs: 4, Instructions: 160COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: log2$memset
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3759962277-0
                                                                                                                                                                                                      • Opcode ID: c462b1730b2cc9fe60fe652cd5c109c1ac0dba0022eaa0918e110071f0e1ffe6
                                                                                                                                                                                                      • Instruction ID: 11a9f49eba1c985855362beb8dc7ea9d6197caa02f1160cba70f79cfffeca2b9
                                                                                                                                                                                                      • Opcode Fuzzy Hash: c462b1730b2cc9fe60fe652cd5c109c1ac0dba0022eaa0918e110071f0e1ffe6
                                                                                                                                                                                                      • Instruction Fuzzy Hash: D7514A21F18E44CAEA078638450137AEA17AFA57D5E75C333E95FB3A5ADF2DB0838500
                                                                                                                                                                                                      Function 00007FF651766D0C Relevance: 6.1, APIs: 4, Instructions: 143timeCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • _get_daylight.LIBCMT ref: 00007FF651766D3A
                                                                                                                                                                                                        • Part of subcall function 00007FF651766488: _invalid_parameter_noinfo.LIBCMT ref: 00007FF65176649C
                                                                                                                                                                                                      • _get_daylight.LIBCMT ref: 00007FF651766D4B
                                                                                                                                                                                                        • Part of subcall function 00007FF651766428: _invalid_parameter_noinfo.LIBCMT ref: 00007FF65176643C
                                                                                                                                                                                                      • _get_daylight.LIBCMT ref: 00007FF651766D5C
                                                                                                                                                                                                        • Part of subcall function 00007FF651766458: _invalid_parameter_noinfo.LIBCMT ref: 00007FF65176646C
                                                                                                                                                                                                        • Part of subcall function 00007FF65175B7D8: HeapFree.KERNEL32(?,?,?,00007FF651763BB2,?,?,?,00007FF651763BEF,?,?,00000000,00007FF6517640B5,?,?,?,00007FF651763FE7), ref: 00007FF65175B7EE
                                                                                                                                                                                                        • Part of subcall function 00007FF65175B7D8: GetLastError.KERNEL32(?,?,?,00007FF651763BB2,?,?,?,00007FF651763BEF,?,?,00000000,00007FF6517640B5,?,?,?,00007FF651763FE7), ref: 00007FF65175B7F8
                                                                                                                                                                                                      • GetTimeZoneInformation.KERNEL32(?,?,?,?,?,?,?,?,?,00000000,?,00007FF651766F9C), ref: 00007FF651766D83
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _get_daylight_invalid_parameter_noinfo$ErrorFreeHeapInformationLastTimeZone
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3458911817-0
                                                                                                                                                                                                      • Opcode ID: 62e3c1159af9373ae78a462a2e0d22da9cd378e2d0735f3ef515df906fa7d1c8
                                                                                                                                                                                                      • Instruction ID: 35a55fae122c13df703ac97ad710f7df7ec335f6411592c35dc101d60e625cbb
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 62e3c1159af9373ae78a462a2e0d22da9cd378e2d0735f3ef515df906fa7d1c8
                                                                                                                                                                                                      • Instruction Fuzzy Hash: BB519E32A1864696E710EF29D8811B967A1FB48784F884136FA4EE3A9FDF3CE540C744
                                                                                                                                                                                                      Function 00007FF820832B62 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 57networkCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ErrorLastbind
                                                                                                                                                                                                      • String ID: ..\s\crypto\bio\b_sock2.c
                                                                                                                                                                                                      • API String ID: 2328862993-3200932406
                                                                                                                                                                                                      • Opcode ID: f4eba0e76321d527428058d812512f7d5c496053af6b33bf15f3205fea0f7f21
                                                                                                                                                                                                      • Instruction ID: 24a67c06e579fa89ac8b27fcf5a89007633e5a20a935c05c2c861aa8139b560b
                                                                                                                                                                                                      • Opcode Fuzzy Hash: f4eba0e76321d527428058d812512f7d5c496053af6b33bf15f3205fea0f7f21
                                                                                                                                                                                                      • Instruction Fuzzy Hash: C4215872B1865286E7509B25EC052AE6360EB88BD4F800131EA5D43BEADF3DF5858B00
                                                                                                                                                                                                      Function 00007FF820834246 Relevance: .0, Instructions: 33COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                      • Opcode ID: a46b17bfff405d911cbf0ed16f10332b4be66aad2a683c4b6cb6413eca26ac33
                                                                                                                                                                                                      • Instruction ID: aa1a903a917fb1227430f79651f0cec5a5b648c9350b42404e39b7b5cc2042e9
                                                                                                                                                                                                      • Opcode Fuzzy Hash: a46b17bfff405d911cbf0ed16f10332b4be66aad2a683c4b6cb6413eca26ac33
                                                                                                                                                                                                      • Instruction Fuzzy Hash: F6F0E9323283E145C759CA36A808F5A2DE59391BC9F12C030DD4CC3F44E92ED5018B40
                                                                                                                                                                                                      Function 00007FF820835731 Relevance: .0, Instructions: 22COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                      • Opcode ID: 47cb47f2231c500fe69675262d211844ffd3893697c7c00b0061ec7b87a542e7
                                                                                                                                                                                                      • Instruction ID: 337dd8c292273e3156075311706191c9d6a4f9562d0128681cee1df743397d2c
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 47cb47f2231c500fe69675262d211844ffd3893697c7c00b0061ec7b87a542e7
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 09E048727183A445D75DC9372908F6A5AA467157CAF43C1709D4EC3B45ED1ED602CB40
                                                                                                                                                                                                      Function 00007FF8208332FB Relevance: .0, Instructions: 5COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                      • Opcode ID: d97060366a19393a5f378523a58d3a9988204d3c9b3160ae50f75094774aa8b0
                                                                                                                                                                                                      • Instruction ID: 5a832a01fd4022c6c6d050d780126a7dce11e009e6c0514fae7c92c4f6b6f58d
                                                                                                                                                                                                      • Opcode Fuzzy Hash: d97060366a19393a5f378523a58d3a9988204d3c9b3160ae50f75094774aa8b0
                                                                                                                                                                                                      • Instruction Fuzzy Hash: A3A002E4B149566D6E6812611A4A37515130B493C28E695B198A9112445A1D71509151
                                                                                                                                                                                                      Function 00007FF651748020 Relevance: 178.8, APIs: 66, Strings: 36, Instructions: 316libraryloaderCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: AddressErrorLastProc
                                                                                                                                                                                                      • String ID: Failed to get address for %hs$GetProcAddress$LOADER: loaded functions from Tcl/Tk shared libraries.$Tcl_Alloc$Tcl_ConditionFinalize$Tcl_ConditionNotify$Tcl_ConditionWait$Tcl_CreateInterp$Tcl_CreateObjCommand$Tcl_CreateThread$Tcl_DeleteInterp$Tcl_DoOneEvent$Tcl_EvalEx$Tcl_EvalFile$Tcl_EvalObjv$Tcl_Finalize$Tcl_FinalizeThread$Tcl_FindExecutable$Tcl_Free$Tcl_GetCurrentThread$Tcl_GetObjResult$Tcl_GetString$Tcl_GetVar2$Tcl_Init$Tcl_JoinThread$Tcl_MutexFinalize$Tcl_MutexLock$Tcl_MutexUnlock$Tcl_NewByteArrayObj$Tcl_NewStringObj$Tcl_SetVar2$Tcl_SetVar2Ex$Tcl_ThreadAlert$Tcl_ThreadQueueEvent$Tk_GetNumMainWindows$Tk_Init
                                                                                                                                                                                                      • API String ID: 199729137-248881121
                                                                                                                                                                                                      • Opcode ID: 8daddfb9503edd7b548a31b269fe181a474298e06c8c0603bd8f84b4cf73f327
                                                                                                                                                                                                      • Instruction ID: 925252d1ea982c37e9b115a6e32949ba0d864843aa0f83a4f72d5ca7d05c54f8
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 8daddfb9503edd7b548a31b269fe181a474298e06c8c0603bd8f84b4cf73f327
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 9002D660D4EB0F91FB49DB9CA82057433A0AF09784B9C5936C46EF226EEF7CB548C211
                                                                                                                                                                                                      Function 00007FF651748A70 Relevance: 40.4, APIs: 9, Strings: 14, Instructions: 106COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: LongWindow$BlockCreateErrorLastReasonShutdown
                                                                                                                                                                                                      • String ID: LOADER: TerminateProcess call failed (%d)$LOADER: child process has finished.$LOADER: child process not terminated!$LOADER: child process terminated!$LOADER: end of WM_ENDSESSION handler reached!$LOADER: failed to register shutdown block reason (%d)!$LOADER: handling session shutdown - giving the child %d ms to exit...$LOADER: hidden window received WM_ENDSESSION with logoff-option %X and end-session option %X$LOADER: hidden window received WM_QUERYENDSESSION with logoff-option %X$LOADER: performing cleanup...$LOADER: session shutdown has been canceled!$LOADER: session shutdown has been confirmed!$LOADER: terminating the child process...$Needs to remove its temporary files.
                                                                                                                                                                                                      • API String ID: 3975851968-1164846305
                                                                                                                                                                                                      • Opcode ID: 1bc8f28ab11b7696a0155518a828e7b930c5ab5ba9747bf399300271541962dc
                                                                                                                                                                                                      • Instruction ID: 8667f090909f4d66e27e6c057b20233be252c49de67ddb3a4bf124c544972fab
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1bc8f28ab11b7696a0155518a828e7b930c5ab5ba9747bf399300271541962dc
                                                                                                                                                                                                      • Instruction Fuzzy Hash: C0417B21E19A8681FB44AB6DF8500BD2754EF85B80F4C4132EA5EE33AFDE6CE945C350
                                                                                                                                                                                                      Function 00007FF821CE1EE0 Relevance: 35.1, APIs: 11, Strings: 9, Instructions: 76COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Module_$Constant$Object$ReadyType_$Create2Err_ExceptionString
                                                                                                                                                                                                      • String ID: %d.%d.%d$Compressor$Decompressor$MODE_FONT$MODE_GENERIC$MODE_TEXT$__version__$brotli.error$error
                                                                                                                                                                                                      • API String ID: 85873462-3709432877
                                                                                                                                                                                                      • Opcode ID: c527ea57f1a6fa79dc78c15721b8764123cc718b26bb66bf4bdf31074b340112
                                                                                                                                                                                                      • Instruction ID: fb67501a2ba69092823909831e75fbdad37090685f0f0cf50e9d572b554a554f
                                                                                                                                                                                                      • Opcode Fuzzy Hash: c527ea57f1a6fa79dc78c15721b8764123cc718b26bb66bf4bdf31074b340112
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 3231CF75A19E03D6FB009B15EC642A52B61BF89BC4FA42132C90EC66A4EF7DF149CB40
                                                                                                                                                                                                      Function 00007FF651748C50 Relevance: 33.4, APIs: 6, Strings: 13, Instructions: 132COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                        • Part of subcall function 00007FF65174A220: MultiByteToWideChar.KERNEL32(?,?,?,00007FF651743CB6), ref: 00007FF65174A259
                                                                                                                                                                                                      • ExpandEnvironmentStringsW.KERNEL32(?,00007FF6517494A7,?,?,00000000,00007FF651744223), ref: 00007FF651748CAC
                                                                                                                                                                                                        • Part of subcall function 00007FF651742A60: GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF651743C41,?,00007FF651743CC2), ref: 00007FF651742AB0
                                                                                                                                                                                                        • Part of subcall function 00007FF651742A60: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF651743C41), ref: 00007FF651742B25
                                                                                                                                                                                                        • Part of subcall function 00007FF651742A60: MessageBoxW.USER32 ref: 00007FF651742B45
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ByteCharCurrentDebugEnvironmentExpandMessageMultiOutputProcessStringStringsWide
                                                                                                                                                                                                      • String ID: %.*s$CreateDirectory$LOADER: absolute runtime-tmpdir is %ls$LOADER: appending backslash to the given drive root %ls$LOADER: creating runtime-tmpdir path component: %ls$LOADER: creating runtime-tmpdir path: %ls$LOADER: expanded runtime-tmpdir is a drive root: %ls$LOADER: failed to convert runtime-tmpdir to a wide string.$LOADER: failed to create runtime-tmpdir path %ls!$LOADER: failed to expand environment variables in the runtime-tmpdir.$LOADER: failed to obtain the absolute path of the runtime-tmpdir.$LOADER: runtime-tmpdir points to non-existent drive %ls (type: %d)!$\
                                                                                                                                                                                                      • API String ID: 398162068-1319882304
                                                                                                                                                                                                      • Opcode ID: adb036b1b6b5223afbb4edf4e8219ecebd51f08b2ad88e9b6ef912661cb18f0b
                                                                                                                                                                                                      • Instruction ID: 6d6784d3d94519f4dcc651b1765760b24ba82482afbb3bdec8ea535f777724a5
                                                                                                                                                                                                      • Opcode Fuzzy Hash: adb036b1b6b5223afbb4edf4e8219ecebd51f08b2ad88e9b6ef912661cb18f0b
                                                                                                                                                                                                      • Instruction Fuzzy Hash: E6518421B2D64781FB60EB6DE8512BA6251EF94780F4C5432E68EE269FEF7CE5448700
                                                                                                                                                                                                      Function 00007FF820831B7C Relevance: 30.0, APIs: 10, Strings: 7, Instructions: 204stringCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: strspn$strncmp
                                                                                                                                                                                                      • String ID: $ $ ,$..\s\crypto\pem\pem_lib.c$DEK-Info:$ENCRYPTED$Proc-Type:
                                                                                                                                                                                                      • API String ID: 1384302209-3505811795
                                                                                                                                                                                                      • Opcode ID: 6f4bd565c760ef683c335e3032099a5dbc3b072bbf452e8024a4d14d29473981
                                                                                                                                                                                                      • Instruction ID: 0d7409230b3f42603ebe7c750de46155ca3c0729a57b6ecbdad897a977a18043
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 6f4bd565c760ef683c335e3032099a5dbc3b072bbf452e8024a4d14d29473981
                                                                                                                                                                                                      • Instruction Fuzzy Hash: A4918F62F0C65792EB248B219C582BE2751EB497D4FC04036DA4F42B96EF6CF96AC704
                                                                                                                                                                                                      Function 00007FF651743970 Relevance: 28.1, APIs: 2, Strings: 14, Instructions: 106windowCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                        • Part of subcall function 00007FF651742770: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF651743CB6), ref: 00007FF651742847
                                                                                                                                                                                                      • PostMessageW.USER32 ref: 00007FF6517439E0
                                                                                                                                                                                                      • GetMessageW.USER32 ref: 00007FF6517439F3
                                                                                                                                                                                                        • Part of subcall function 00007FF651742770: OutputDebugStringA.KERNEL32(?,?,?,?,?,00007FF651743CB6), ref: 00007FF651742854
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DebugMessageOutputString$Post
                                                                                                                                                                                                      • String ID: Failed to remove temporary directory: %s$LOADER: child process exited (return code: %d)$LOADER: end of process reached!$LOADER: extracting files to temporary directory...$LOADER: failed to extract files!$LOADER: failed to remove temporary directory - attempting to mitigate the situation...$LOADER: mitigation failed!$LOADER: mitigation succeeded.$LOADER: performing cleanup...$LOADER: removing temporary directory: %s$LOADER: setting _PYI_APPLICATION_HOME_DIR to %s$LOADER: starting the child process...$LOADER: temporary directory %s was successfully removed.$_PYI_APPLICATION_HOME_DIR
                                                                                                                                                                                                      • API String ID: 3280635411-4248730274
                                                                                                                                                                                                      • Opcode ID: 495cdb9404f1af0939381f52dc9f476e81c22191e0565d756b66147f632a6539
                                                                                                                                                                                                      • Instruction ID: 6e237fda0e9ac47219cfea90c58f691984b048c7b0745c2af5ec1e8a45bdbe08
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 495cdb9404f1af0939381f52dc9f476e81c22191e0565d756b66147f632a6539
                                                                                                                                                                                                      • Instruction Fuzzy Hash: F4416C29E1865790FB01FB3DE8511BA2251AF94784F4C0131EA8DE62AFEE6CE654C740
                                                                                                                                                                                                      Function 00007FF821CE1C80 Relevance: 26.4, APIs: 13, Strings: 2, Instructions: 145COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DeallocSizeString$Arg_Buffer_Bytes_Err_FromKeywords_List_ParseReleaseTuplefreemalloc
                                                                                                                                                                                                      • String ID: BrotliDecompress failed$y*|:decompress
                                                                                                                                                                                                      • API String ID: 3129089932-3609120798
                                                                                                                                                                                                      • Opcode ID: 21fc62796acf40556abf5966d126bf01a84e1109d329ffa3a643c5993f22310f
                                                                                                                                                                                                      • Instruction ID: 0af0086cfdeca4807428f6a2405618102e367864b0c5a3f43730996a5266fb5e
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 21fc62796acf40556abf5966d126bf01a84e1109d329ffa3a643c5993f22310f
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 07612636B09F8285FB249F65E8443AD27A4AB48BC8FA44131DE4E93B58EF3CE514C740
                                                                                                                                                                                                      Function 00007FF820834E44 Relevance: 24.7, APIs: 10, Strings: 4, Instructions: 205registryfileCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Event$FileSource$ByteCharDeregisterHandleMultiRegisterReportTypeWideWrite__stdio_common_vsprintf__stdio_common_vswprintf
                                                                                                                                                                                                      • String ID: $OpenSSL$OpenSSL: FATAL$no stack?
                                                                                                                                                                                                      • API String ID: 2603057392-2963566556
                                                                                                                                                                                                      • Opcode ID: 59a87a5942c62673d1eda9d489acfd17bfac18cd3cdeff8e5dabbfc5dde2d1c3
                                                                                                                                                                                                      • Instruction ID: 43abaaf43e6af7ba6f29535f4531579cea21974ae339d3d705fda0ee55c34975
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 59a87a5942c62673d1eda9d489acfd17bfac18cd3cdeff8e5dabbfc5dde2d1c3
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 7E91B173A18B8292EB208F24EC582BD3760FB45BD4F404235EA5E07BA5EF38E255C700
                                                                                                                                                                                                      Function 00007FF6517490B0 Relevance: 24.7, APIs: 6, Strings: 8, Instructions: 159COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetCurrentProcess.KERNEL32(?,00000000,?,?,00007FF651749FC1), ref: 00007FF6517490E2
                                                                                                                                                                                                      • K32EnumProcessModules.KERNEL32(?,?,00007FF651749FC1), ref: 00007FF651749139
                                                                                                                                                                                                        • Part of subcall function 00007FF65174A220: MultiByteToWideChar.KERNEL32(?,?,?,00007FF651743CB6), ref: 00007FF65174A259
                                                                                                                                                                                                      • K32GetModuleFileNameExW.KERNEL32(?,?,00007FF651749FC1), ref: 00007FF6517491E2
                                                                                                                                                                                                      • K32GetModuleFileNameExW.KERNEL32(?,?,00007FF651749FC1), ref: 00007FF651749281
                                                                                                                                                                                                        • Part of subcall function 00007FF651742880: GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF651743BC3,?,00007FF651743CC2), ref: 00007FF6517428CE
                                                                                                                                                                                                        • Part of subcall function 00007FF651742880: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF651743BC3,?,00007FF651743CC2), ref: 00007FF651742938
                                                                                                                                                                                                        • Part of subcall function 00007FF6517588CC: _invalid_parameter_noinfo.LIBCMT ref: 00007FF6517588E9
                                                                                                                                                                                                      • FreeLibrary.KERNEL32(?,?,00007FF651749FC1), ref: 00007FF6517492B4
                                                                                                                                                                                                      • FreeLibrary.KERNEL32(?,?,00007FF651749FC1), ref: 00007FF6517492DE
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Process$CurrentFileFreeLibraryModuleName$ByteCharDebugEnumModulesMultiOutputStringWide_invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID: LOADER: DLL unloaded after %d attempt(s)!$LOADER: could not resolve DLL's name (was it unloaded?) - skipping!$LOADER: could not resolve DLL's name - skipping!$LOADER: forcing unload of %ls (attempt #%d)$LOADER: found %d DLL(s) loaded from application's temporary directory!$LOADER: found %d loaded DLLs...$LOADER: giving up after %d attempts!$LOADER: loaded DLL: %ls
                                                                                                                                                                                                      • API String ID: 1205768147-1546440269
                                                                                                                                                                                                      • Opcode ID: 6c5233cc46710ddbe77f55522e0e2799013675b2a9a2f53dffbdce8b5bd321a3
                                                                                                                                                                                                      • Instruction ID: 16e722be908e4361e5efff425525de1f35b82a0c9889e0b39f31cb134080d756
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 6c5233cc46710ddbe77f55522e0e2799013675b2a9a2f53dffbdce8b5bd321a3
                                                                                                                                                                                                      • Instruction Fuzzy Hash: C0616861B1D68282FB209B19E4402BA6354FF49784F4C5135EA8DE769FEE7CE505C740
                                                                                                                                                                                                      Function 00007FF651741600 Relevance: 22.9, APIs: 1, Strings: 12, Instructions: 145COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentProcess
                                                                                                                                                                                                      • String ID: Failed to create symbolic link %s!$Failed to extract %s: failed to allocate temporary buffer!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to open target file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$Failed to extract %s: failed to write data chunk!$fopen$fread$fseek$fwrite$malloc
                                                                                                                                                                                                      • API String ID: 2050909247-1550345328
                                                                                                                                                                                                      • Opcode ID: 8fa202efdf0a369b6560fbe814b5e55ddf7b6ce5fdd8b709b2afc435ec933388
                                                                                                                                                                                                      • Instruction ID: f25ee42d3e8d43f39b823c668a48af59e67502efb865b32d56f211c1098617f1
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 8fa202efdf0a369b6560fbe814b5e55ddf7b6ce5fdd8b709b2afc435ec933388
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 36518121B08A4792EB10EB69A4501B923A0BF44BA4F4C4532ED9DE779FEF7CF5558700
                                                                                                                                                                                                      Function 00007FF821CE19E0 Relevance: 22.9, APIs: 11, Strings: 2, Instructions: 125COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DeallocSizeString$Arg_Buffer_Bytes_Err_FromList_ParseReleaseTuple_
                                                                                                                                                                                                      • String ID: BrotliDecoderDecompressStream failed while processing the stream$y*:process
                                                                                                                                                                                                      • API String ID: 2327171786-3378180327
                                                                                                                                                                                                      • Opcode ID: 0409f8f06fc8815c48b07b2be836251baa69eb390988694566013f5be1359561
                                                                                                                                                                                                      • Instruction ID: a1aa7d890da0298665853bbbc72ab72c02d329fdcaa9892d0539351627e86aef
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 0409f8f06fc8815c48b07b2be836251baa69eb390988694566013f5be1359561
                                                                                                                                                                                                      • Instruction Fuzzy Hash: CA512676B09F4689EB248F65E8403AD37A4FB48B88FA40136DE4D97B58EF38E414C740
                                                                                                                                                                                                      Function 00007FF8328B3F80 Relevance: 22.8, APIs: 11, Strings: 2, Instructions: 88COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685906558.00007FF8328B1000.00000020.00000001.01000000.00000012.sdmp, Offset: 00007FF8328B0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685870583.00007FF8328B0000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685947239.00007FF8328C5000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685983863.00007FF8328CB000.00000004.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1686019669.00007FF8328CF000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff8328b0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Dealloc$Err_$AttrDict_Object_String$ClearExceptionItemMatches
                                                                                                                                                                                                      • String ID: __mypyc_attrs__$__mypyc_attrs__ is not a tuple
                                                                                                                                                                                                      • API String ID: 2346549887-4201147154
                                                                                                                                                                                                      • Opcode ID: f16431c033219f5124e2c35e73efdd369c37ff6272c8a4c769618fb3033d96ea
                                                                                                                                                                                                      • Instruction ID: a3900cce124e46fef23f360d6dbb1982c1a7d41d703a32a46ea5e6c01de51c2a
                                                                                                                                                                                                      • Opcode Fuzzy Hash: f16431c033219f5124e2c35e73efdd369c37ff6272c8a4c769618fb3033d96ea
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 13313B21B0AA1A81EF55AF26EC582BAA7A0BF44FD4F444435CD0E17774DFBDE446A300
                                                                                                                                                                                                      Function 00007FF820831F6E Relevance: 21.1, APIs: 9, Strings: 3, Instructions: 135COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID: ..\s\crypto\rand\randfile.c$Filename=$i
                                                                                                                                                                                                      • API String ID: 0-1799673945
                                                                                                                                                                                                      • Opcode ID: 38c64de6083e27b285f8cd618f22682045234ba5fda0c2ac3b6a6d0f1d4d7116
                                                                                                                                                                                                      • Instruction ID: 7d2294966b6c8658210405a6dc4d19c08f156d496aafbcabb987a95a2ad5e6de
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 38c64de6083e27b285f8cd618f22682045234ba5fda0c2ac3b6a6d0f1d4d7116
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 27516822B08A4296F624AB65DC587BA73A1EF88BC0F804135DA1E467E5EF7CF505CB01
                                                                                                                                                                                                      Function 00007FF8207124C0 Relevance: 21.1, APIs: 8, Strings: 4, Instructions: 72COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Module_$Dealloc$ObjectObject_$Capsule_ConstantFromMallocMem_SpecStringTrackTypeType_
                                                                                                                                                                                                      • String ID: 13.0.0$_ucnhash_CAPI$ucd_3_2_0$unidata_version
                                                                                                                                                                                                      • API String ID: 288921926-2302946913
                                                                                                                                                                                                      • Opcode ID: 8849700e4595db79af61cb0ca23ecac910159f79cad4801844aab08d1f2a0480
                                                                                                                                                                                                      • Instruction ID: dd82e5b03e2df7e4a454790959b48640ebef381c55eb42a96781f2be2a8a6d86
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 8849700e4595db79af61cb0ca23ecac910159f79cad4801844aab08d1f2a0480
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 54214B20E1CB0289EE549B21AC90178E3A6AF69BD3F184434C95F867D5EF2EF026D700
                                                                                                                                                                                                      Function 00007FF8328C3390 Relevance: 21.1, APIs: 8, Strings: 4, Instructions: 68COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685906558.00007FF8328B1000.00000020.00000001.01000000.00000012.sdmp, Offset: 00007FF8328B0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685870583.00007FF8328B0000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685947239.00007FF8328C5000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685983863.00007FF8328CB000.00000004.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1686019669.00007FF8328CF000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff8328b0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: AttrCapsule_DeallocObject_String$Create2Module_
                                                                                                                                                                                                      • String ID: charset_normalizer.md__mypyc.exports$charset_normalizer.md__mypyc.init_charset_normalizer___md$exports$init_charset_normalizer___md
                                                                                                                                                                                                      • API String ID: 2519120496-2411258805
                                                                                                                                                                                                      • Opcode ID: 06adb6cc7286919ea4126922319a9adb555670285f9b488a954d486eb48fd6a3
                                                                                                                                                                                                      • Instruction ID: 1c8cbf36b10afc7482d6fa7816cc31b581900c0756128698337141e5aa87c29d
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 06adb6cc7286919ea4126922319a9adb555670285f9b488a954d486eb48fd6a3
                                                                                                                                                                                                      • Instruction Fuzzy Hash: EF315A21B2AB2381EE019F25EC905B9A3A0BF98BC4F884435C90E13735EFBCE545E300
                                                                                                                                                                                                      Function 00007FF651749450 Relevance: 17.6, APIs: 3, Strings: 7, Instructions: 121COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetTempPathW.KERNEL32(?,?,00000000,00007FF651744223), ref: 00007FF651749500
                                                                                                                                                                                                      • GetCurrentProcessId.KERNEL32(?,00000000,00007FF651744223), ref: 00007FF651749517
                                                                                                                                                                                                      • CreateDirectoryW.KERNEL32(?,00000000,00007FF651744223), ref: 00007FF65174955C
                                                                                                                                                                                                        • Part of subcall function 00007FF651749640: GetEnvironmentVariableW.KERNEL32(00007FF651743D93), ref: 00007FF651749677
                                                                                                                                                                                                        • Part of subcall function 00007FF651749640: ExpandEnvironmentStringsW.KERNEL32 ref: 00007FF651749699
                                                                                                                                                                                                        • Part of subcall function 00007FF6517590C8: _invalid_parameter_noinfo.LIBCMT ref: 00007FF6517590E1
                                                                                                                                                                                                        • Part of subcall function 00007FF651742A60: GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF651743C41,?,00007FF651743CC2), ref: 00007FF651742AB0
                                                                                                                                                                                                        • Part of subcall function 00007FF651742A60: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF651743C41), ref: 00007FF651742B25
                                                                                                                                                                                                        • Part of subcall function 00007FF651742A60: MessageBoxW.USER32 ref: 00007FF651742B45
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentEnvironmentProcess$CreateDebugDirectoryExpandMessageOutputPathStringStringsTempVariable_invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID: LOADER: attempting to create temporary application directory under %ls$LOADER: failed to set the TMP environment variable.$LOADER: length of teporary directory path exceeds maximum path length!$LOADER: successfully resolved the specified runtime-tmpdir$TMP$TMP$_MEI%d
                                                                                                                                                                                                      • API String ID: 1643647955-3213535515
                                                                                                                                                                                                      • Opcode ID: 232cc4f6535adc50b3134121af1d9767dffedc1d4e61f094cd294c5824e59019
                                                                                                                                                                                                      • Instruction ID: 263d831ba7d1586d26f83a0c9394d469e087747892aa72541ce94079eaa318d2
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 232cc4f6535adc50b3134121af1d9767dffedc1d4e61f094cd294c5824e59019
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 0C518D22A0D64381FB10AB2DA8952FE5251AF89780F984031ED8EE76DFEE7CE545C740
                                                                                                                                                                                                      Function 00007FF8207146DC Relevance: 17.6, APIs: 6, Strings: 4, Instructions: 101COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Arg_Unicode_$ArgumentCheckDigitErr_FromLongLong_PositionalReadyString
                                                                                                                                                                                                      • String ID: a unicode character$argument 1$digit$not a digit
                                                                                                                                                                                                      • API String ID: 2437920334-4278345224
                                                                                                                                                                                                      • Opcode ID: d8e6a483aa124d8a0f7fadfcdbea60320d10b9bba425ecb1969d68fb569105d1
                                                                                                                                                                                                      • Instruction ID: 17c40b29b90116a9ac078552d6367c45482e8d873f9f0040434b050e2ca04791
                                                                                                                                                                                                      • Opcode Fuzzy Hash: d8e6a483aa124d8a0f7fadfcdbea60320d10b9bba425ecb1969d68fb569105d1
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 62413825B186468AFB608B25DC5037AA3A1EF85BD6F548531CA0E977E4DF3EF846D300
                                                                                                                                                                                                      Function 00007FF820712700 Relevance: 16.7, APIs: 11, Instructions: 230COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Initialize__scrt_acquire_startup_lock__scrt_dllmain_after_initialize_c__scrt_dllmain_crt_thread_attach__scrt_initialize_crt__scrt_release_startup_lock
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 349153199-0
                                                                                                                                                                                                      • Opcode ID: 1738fc931c46e0016abe01128f6c04fa9ae34eb026bf82ed76cd7c7c3c76c679
                                                                                                                                                                                                      • Instruction ID: f5ec1e207ab09fd6a7b61f1f28786541f0d895bfbe7a4ead8b8f6721cf83421c
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1738fc931c46e0016abe01128f6c04fa9ae34eb026bf82ed76cd7c7c3c76c679
                                                                                                                                                                                                      • Instruction Fuzzy Hash: BA819F61E1C2434EFB549B25AC41279E2A0AF657C2F148135DA4C937D6DF3EF9678B00
                                                                                                                                                                                                      Function 00007FF820714A94 Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 94COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Unicode_$Equal$CompareDeallocErr_ReadyString
                                                                                                                                                                                                      • String ID: invalid normalization form
                                                                                                                                                                                                      • API String ID: 3010910608-2281882113
                                                                                                                                                                                                      • Opcode ID: 71d70c814a1b85dfb32b3f0810df02494d5ba905ed5b44fd8e565b17dcf905d8
                                                                                                                                                                                                      • Instruction ID: cd4b04badc07004655cc26bc9a96ef0a6815bf8ebc86e4716929744420610269
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 71d70c814a1b85dfb32b3f0810df02494d5ba905ed5b44fd8e565b17dcf905d8
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 9C415CA5B1CA068AEA608B12AC54339E3A0BF48BD6F444535CD4E877E5DF3EF404D310
                                                                                                                                                                                                      Function 00007FF820711000 Relevance: 15.8, APIs: 5, Strings: 4, Instructions: 61COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Unicode_$Arg_$ArgumentEqualReady$CheckPositionalSubtypeType_
                                                                                                                                                                                                      • String ID: argument 1$argument 2$normalize$str
                                                                                                                                                                                                      • API String ID: 2760394311-1320425463
                                                                                                                                                                                                      • Opcode ID: 201e1a0c86d96ed07084084db240da97117a3eea60c9e8d2cbe13f47ad1407c3
                                                                                                                                                                                                      • Instruction ID: 969f8fbd7f48895f157a9360abce1b7d421de5611d362c1d308510559935c5ef
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 201e1a0c86d96ed07084084db240da97117a3eea60c9e8d2cbe13f47ad1407c3
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 7121A621A1CA8799EB108B25EC442B9A361FF48FDAF544232DA5D473E4CF2EF456D300
                                                                                                                                                                                                      Function 00007FF8207149A8 Relevance: 15.8, APIs: 5, Strings: 4, Instructions: 58COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Arg_$ArgumentReadyUnicode_$CheckPositional
                                                                                                                                                                                                      • String ID: argument 1$argument 2$is_normalized$str
                                                                                                                                                                                                      • API String ID: 396090033-184702317
                                                                                                                                                                                                      • Opcode ID: 499ad2b4e8d2c61c6c3904c5fb4ee9275f40f4ad30840fc7374985e9f058fd08
                                                                                                                                                                                                      • Instruction ID: cf5c82a040b80ea79d8a2694007010856eb13742b5b1e76727437ec2cd96593a
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 499ad2b4e8d2c61c6c3904c5fb4ee9275f40f4ad30840fc7374985e9f058fd08
                                                                                                                                                                                                      • Instruction Fuzzy Hash: BB218121A18A879AEB108B65EC446B5A360FF44FDAF459231EA5D473E4CF2EF44AD304
                                                                                                                                                                                                      Function 00007FF82093DFC0 Relevance: 15.2, APIs: 1, Strings: 9, Instructions: 238stringCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: strncmp
                                                                                                                                                                                                      • String ID: %-8d$, path=$, retcode=$, value=$..\s\crypto\conf\conf_mod.c$OPENSSL_finish$OPENSSL_init$module=$path
                                                                                                                                                                                                      • API String ID: 1114863663-3652895664
                                                                                                                                                                                                      • Opcode ID: 4db1eb8a585ac68cf998a3b6e9badf89a485a1474e390311c54c3a3ce943dab9
                                                                                                                                                                                                      • Instruction ID: 72672279ad78ee20f9198402497bf9e8ab0501132eab4da24f0689d02369aa91
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4db1eb8a585ac68cf998a3b6e9badf89a485a1474e390311c54c3a3ce943dab9
                                                                                                                                                                                                      • Instruction Fuzzy Hash: BEA18E21B0D64681FB649B61ED152BA23A5AF89BC0F844135DE5E077D9EF3CF945C700
                                                                                                                                                                                                      Function 00007FF820834B42 Relevance: 15.1, APIs: 3, Strings: 7, Instructions: 127stringCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: strncmp
                                                                                                                                                                                                      • String ID: , value=$..\s\crypto\x509v3\v3_conf.c$/$ASN1:$DER:$critical,$name=
                                                                                                                                                                                                      • API String ID: 1114863663-1429737502
                                                                                                                                                                                                      • Opcode ID: d8692db6c55102258f18e242426c4eb0e575738db7c4b8f67f2ced113da6dce9
                                                                                                                                                                                                      • Instruction ID: d543f2584e018f2d8c0246c0c8c41a5b9dfbc90e44ae95b8a0bdbc528f832fa4
                                                                                                                                                                                                      • Opcode Fuzzy Hash: d8692db6c55102258f18e242426c4eb0e575738db7c4b8f67f2ced113da6dce9
                                                                                                                                                                                                      • Instruction Fuzzy Hash: B0419122F0868642FF109F22AD017BA66A0BF89FD4F884530DD5E07799DE3DF5058740
                                                                                                                                                                                                      Function 00007FF651757120 Relevance: 14.5, APIs: 3, Strings: 5, Instructions: 494COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID: -$:$f$p$p
                                                                                                                                                                                                      • API String ID: 3215553584-2013873522
                                                                                                                                                                                                      • Opcode ID: 05289c79a0973464c9e6def38ad17f96859a0f6bf6326b9c8ee99a6d91406060
                                                                                                                                                                                                      • Instruction ID: 25e8f3f1f715bd3515e284840686ef81464e0a5f2dc2fa2ba9fb4e73fcccb015
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 05289c79a0973464c9e6def38ad17f96859a0f6bf6326b9c8ee99a6d91406060
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 2212A162E0C18387FB647A1CE5C467A7692FB40754FDE4476E689A66CEDF3CE4808B10
                                                                                                                                                                                                      Function 00007FF651751E58 Relevance: 14.5, APIs: 3, Strings: 5, Instructions: 475COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID: f$f$p$p$f
                                                                                                                                                                                                      • API String ID: 3215553584-1325933183
                                                                                                                                                                                                      • Opcode ID: 36904858277830fb8bea51a287cdb11102976cd150a0ae475a72b14e7f9093e8
                                                                                                                                                                                                      • Instruction ID: e03a22934f9b66578a7229d416845f1f246baeef26b4221703f3cab2085e1a37
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 36904858277830fb8bea51a287cdb11102976cd150a0ae475a72b14e7f9093e8
                                                                                                                                                                                                      • Instruction Fuzzy Hash: A012B566E0C143C7FB249B18D0542BA76A2FB50754F9E4136E69AD66CEDF3CE881CB10
                                                                                                                                                                                                      Function 00007FF651741050 Relevance: 14.1, APIs: 1, Strings: 7, Instructions: 119COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentProcess
                                                                                                                                                                                                      • String ID: Failed to extract %s: failed to allocate data buffer (%u bytes)!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$fread$fseek$malloc
                                                                                                                                                                                                      • API String ID: 2050909247-3659356012
                                                                                                                                                                                                      • Opcode ID: 749ed732c1f409f8298bb4fde0483e5ecd6a62d8b9616e0b33e77eb4fb1f3af4
                                                                                                                                                                                                      • Instruction ID: eccef05cb275a4ead1fa45f12b49e86f1f2b07a4f071decce96c8f4a4f4da8ea
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 749ed732c1f409f8298bb4fde0483e5ecd6a62d8b9616e0b33e77eb4fb1f3af4
                                                                                                                                                                                                      • Instruction Fuzzy Hash: E4419022B0869682EB10EB19A8446B96391FF44BD0F5C4832ED8DA779FDF7CF5458740
                                                                                                                                                                                                      Function 00007FF8208341DD Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 117networkCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ErrorLastsetsockopt
                                                                                                                                                                                                      • String ID: ..\s\crypto\bio\b_sock2.c$o
                                                                                                                                                                                                      • API String ID: 1729277954-1872632005
                                                                                                                                                                                                      • Opcode ID: 0d2034ac39a1f015537a20df33351dbf74ae8a5fab91621d70cfd5eb938fd7c6
                                                                                                                                                                                                      • Instruction ID: b6804f418820bc106ebf455d54ec21d10ff8f1f2f411305575009db05ea18259
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 0d2034ac39a1f015537a20df33351dbf74ae8a5fab91621d70cfd5eb938fd7c6
                                                                                                                                                                                                      • Instruction Fuzzy Hash: F1515A72B1854286F7209B61EC086BE73A0FB88B94F944135EA4947BE9CF7DF549CB40
                                                                                                                                                                                                      Function 00007FF651742EC0 Relevance: 14.1, APIs: 4, Strings: 4, Instructions: 106windowCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetCurrentProcessId.KERNEL32(?,?,?,?,?,?,?,?,00007FF651743B96,?,00007FF651743CC2), ref: 00007FF651742F0E
                                                                                                                                                                                                      • FormatMessageW.KERNEL32(?,?,?,?,?,?,?,?,00007FF651743B96,?,00007FF651743CC2), ref: 00007FF651742FD3
                                                                                                                                                                                                      • OutputDebugStringW.KERNEL32(?,?,?,?,?,?,?,00007FF651743B96,?,00007FF651743CC2), ref: 00007FF651742FF4
                                                                                                                                                                                                      • MessageBoxW.USER32 ref: 00007FF651743014
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Message$CurrentDebugFormatOutputProcessString
                                                                                                                                                                                                      • String ID: %ls: $<FormatMessageW failed.>$Error$[PYI-%d:ERROR]
                                                                                                                                                                                                      • API String ID: 3610484179-251083826
                                                                                                                                                                                                      • Opcode ID: a15dfebf77b6f2c1d6f9f98feaf5857f40cdd7ba5719b96ab5fb3d0c8df69239
                                                                                                                                                                                                      • Instruction ID: 9216c3ea97478531cf2d0555e0cf61b9dcb43277dc6e814f7e8900c59c74104f
                                                                                                                                                                                                      • Opcode Fuzzy Hash: a15dfebf77b6f2c1d6f9f98feaf5857f40cdd7ba5719b96ab5fb3d0c8df69239
                                                                                                                                                                                                      • Instruction Fuzzy Hash: BF41D722708A4142E720A729F8142BA7695BF887C8F450135EF8DE375EDF7CE606C700
                                                                                                                                                                                                      Function 00007FF820831D4D Relevance: 14.1, APIs: 4, Strings: 4, Instructions: 99libraryloaderCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: HandleModule$AddressProc
                                                                                                                                                                                                      • String ID: OPENSSL_Applink$OPENSSL_Uplink(%p,%02X): $_ssl.pyd$_ssl_d.pyd
                                                                                                                                                                                                      • API String ID: 1883125708-1130596517
                                                                                                                                                                                                      • Opcode ID: 4ccc3ce23c4402700d34cdd1b44a20b3c7d878ed7d0ac8f9f23aaafae92de14e
                                                                                                                                                                                                      • Instruction ID: a5517e91a191a395555e885e193a2cd2be82295e2a9aa42ad8ce1c65fdbda9c0
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4ccc3ce23c4402700d34cdd1b44a20b3c7d878ed7d0ac8f9f23aaafae92de14e
                                                                                                                                                                                                      • Instruction Fuzzy Hash: A451EF62D18B4296E6158F28EC4527823A0FF597E4B849336D96E133F6EF7DB591C300
                                                                                                                                                                                                      Function 00007FF8208323D8 Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 94libraryloaderCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: InformationObjectUser$AddressErrorHandleLastModuleProcProcessStationWindow
                                                                                                                                                                                                      • String ID: Service-0x$_OPENSSL_isservice
                                                                                                                                                                                                      • API String ID: 1944374717-1672312481
                                                                                                                                                                                                      • Opcode ID: d4d7f13fea52a3178e6bf5d964a5a64b36e3e8d5b416d224cb6cd8592f581902
                                                                                                                                                                                                      • Instruction ID: 7cf628a771036b1c6e462228d6f0e320900bb5d6da4d63be5f62a5c5c8b6d711
                                                                                                                                                                                                      • Opcode Fuzzy Hash: d4d7f13fea52a3178e6bf5d964a5a64b36e3e8d5b416d224cb6cd8592f581902
                                                                                                                                                                                                      • Instruction Fuzzy Hash: B7418B22B09B8296EB609F74EC542A933A0EF487F4B844735E97E46BE5DF2CF5448740
                                                                                                                                                                                                      Function 00007FF8208332B0 Relevance: 13.6, APIs: 3, Strings: 6, Instructions: 127COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: atoi
                                                                                                                                                                                                      • String ID: ..\s\crypto\ts\ts_conf.c$accuracy$microsecs$millisecs$p$secs
                                                                                                                                                                                                      • API String ID: 657269090-1596076588
                                                                                                                                                                                                      • Opcode ID: 5a975bf53932d7b82c7c78e034f3009e6c832d57072af302546c196ded0eb7fd
                                                                                                                                                                                                      • Instruction ID: ba3b80478bbb08efabf1bf20bc69f07d237dbd41ea43f208a108f4ccad22a25b
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 5a975bf53932d7b82c7c78e034f3009e6c832d57072af302546c196ded0eb7fd
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 2A518F23B0864796EB54EB66AC565BA7390BF88BC4F808432DD4F07791DE3DF5158700
                                                                                                                                                                                                      Function 00007FF651749FA0 Relevance: 13.6, APIs: 1, Strings: 8, Instructions: 56sleepCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                        • Part of subcall function 00007FF651742880: GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF651743BC3,?,00007FF651743CC2), ref: 00007FF6517428CE
                                                                                                                                                                                                        • Part of subcall function 00007FF651742880: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF651743BC3,?,00007FF651743CC2), ref: 00007FF651742938
                                                                                                                                                                                                        • Part of subcall function 00007FF6517490B0: GetCurrentProcess.KERNEL32(?,00000000,?,?,00007FF651749FC1), ref: 00007FF6517490E2
                                                                                                                                                                                                        • Part of subcall function 00007FF6517490B0: K32EnumProcessModules.KERNEL32(?,?,00007FF651749FC1), ref: 00007FF651749139
                                                                                                                                                                                                        • Part of subcall function 00007FF6517490B0: K32GetModuleFileNameExW.KERNEL32(?,?,00007FF651749FC1), ref: 00007FF6517491E2
                                                                                                                                                                                                        • Part of subcall function 00007FF6517490B0: K32GetModuleFileNameExW.KERNEL32(?,?,00007FF651749FC1), ref: 00007FF651749281
                                                                                                                                                                                                      • Sleep.KERNEL32 ref: 00007FF65174A019
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Process$CurrentFileModuleName$DebugEnumModulesOutputSleepString
                                                                                                                                                                                                      • String ID: LOADER: given up after %d attempts!$LOADER: no bundled DLLs were unloaded from this process.$LOADER: removal failed!$LOADER: removal succeeded.$LOADER: trying to force-unload bundled DLLs from this process...$LOADER: trying to remove temporary directory (attempt %d / %d)...$LOADER: unloaded %d bundled DLL(s) from this process - trying to remove temporary directory again...$LOADER: waiting %d milliseconds before trying to remove temporary directory again...
                                                                                                                                                                                                      • API String ID: 3020383390-2558405752
                                                                                                                                                                                                      • Opcode ID: 4aee63548ec9a584ef875c9079c45dc744fd44d951aa9f503f8e38546b0d86d1
                                                                                                                                                                                                      • Instruction ID: 4e7d33fe0bdbb38774bf6aa4f6d4b73c85245ea6ab25fce1d9ae03d5f1b71959
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4aee63548ec9a584ef875c9079c45dc744fd44d951aa9f503f8e38546b0d86d1
                                                                                                                                                                                                      • Instruction Fuzzy Hash: CE212C10F1C50381FB54AB6DE9921B91254EF84380F9C0132E99FE65EFEE6CE555C391
                                                                                                                                                                                                      Function 00007FF65174F898 Relevance: 12.6, APIs: 4, Strings: 3, Instructions: 310COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: BlockFrameHandler3::Unwind$CatchExecutionHandlerIs_bad_exception_allowedSearchStatestd::bad_alloc::bad_alloc
                                                                                                                                                                                                      • String ID: csm$csm$csm
                                                                                                                                                                                                      • API String ID: 849930591-393685449
                                                                                                                                                                                                      • Opcode ID: 55a0ec1e8237ffe27285874e05f24c8b912bd44a785cf4b88703c9377fcf81ea
                                                                                                                                                                                                      • Instruction ID: d607ffd03e50cbcc7f56cb0e43d5da0c709ab7b63a49e85b2749e838a9e3b9e3
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 55a0ec1e8237ffe27285874e05f24c8b912bd44a785cf4b88703c9377fcf81ea
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 5AD16D32A08B4186EB609F2D94413AD77A0FB45798F180136EE9DA7B9ACF7CE581C701
                                                                                                                                                                                                      Function 00007FF820711090 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 152COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: EqualUnicode_$Mem_$FreeMallocSubtypeType_
                                                                                                                                                                                                      • String ID: invalid normalization form
                                                                                                                                                                                                      • API String ID: 1153303739-2281882113
                                                                                                                                                                                                      • Opcode ID: 22168d29278c1de6ef91495bca67e885d51d0b2cc5fea0c41de879cb010d5d17
                                                                                                                                                                                                      • Instruction ID: 81dbc08fd760543dec8eb9b32c7523414e7598e9b0c545f977cd8a06bb41a48f
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 22168d29278c1de6ef91495bca67e885d51d0b2cc5fea0c41de879cb010d5d17
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 6C519E65B1C656AAFF648B22AC5427AE3A1AF45BC2F545031CF4E0BBC6CF2EF5059700
                                                                                                                                                                                                      Function 00007FF8207116A0 Relevance: 12.4, APIs: 4, Strings: 3, Instructions: 127COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Unicode_$Arg_ArgumentFromReadyStringSubtypeType_
                                                                                                                                                                                                      • String ID: a unicode character$argument$category
                                                                                                                                                                                                      • API String ID: 2803103377-2068800536
                                                                                                                                                                                                      • Opcode ID: 8b9f8b491c2994b115a767135a291a96eb26d3dd982b4c81d2173ffc951e8bc0
                                                                                                                                                                                                      • Instruction ID: acad6b2d3a9593bb4b92e4c348d65c8679531aa7300f8ad23e6f3e02ce88c6b6
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 8b9f8b491c2994b115a767135a291a96eb26d3dd982b4c81d2173ffc951e8bc0
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 1751D661B08A468AEF188B19DC90279A7A1EF45BD6F044035DA5F8B7D4DF2EF845D300
                                                                                                                                                                                                      Function 00007FF65175FBA0 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 117libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • FreeLibrary.KERNEL32(?,?,?,00007FF65175FF3A,?,?,-00000018,00007FF65175BBE3,?,?,?,00007FF65175BADA,?,?,?,00007FF651756DCE), ref: 00007FF65175FD1C
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,?,?,00007FF65175FF3A,?,?,-00000018,00007FF65175BBE3,?,?,?,00007FF65175BADA,?,?,?,00007FF651756DCE), ref: 00007FF65175FD28
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: AddressFreeLibraryProc
                                                                                                                                                                                                      • String ID: api-ms-$ext-ms-
                                                                                                                                                                                                      • API String ID: 3013587201-537541572
                                                                                                                                                                                                      • Opcode ID: 2cf8426f931154c99cb9ee01236de544aa4ff3b33c516dcf84111848d41d3d11
                                                                                                                                                                                                      • Instruction ID: 95dd6b6882642e6bbf1a4bfe7e51d1731b1b8048c982fd84ef43b323e0a505a3
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 2cf8426f931154c99cb9ee01236de544aa4ff3b33c516dcf84111848d41d3d11
                                                                                                                                                                                                      • Instruction Fuzzy Hash: D941D361B19A0282FB16CB1EAC006B62395BF45B90F4E4535DD6EE778EEE3DE445C304
                                                                                                                                                                                                      Function 00007FF820711550 Relevance: 12.4, APIs: 4, Strings: 3, Instructions: 110COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Unicode_$Arg_ArgumentFromReadyStringSubtypeType_
                                                                                                                                                                                                      • String ID: a unicode character$argument$bidirectional
                                                                                                                                                                                                      • API String ID: 2803103377-2110215792
                                                                                                                                                                                                      • Opcode ID: 6f842c38fbf6266b6352dc09bd82e7f65808cd6bafd25b46999a778c18f9dfdf
                                                                                                                                                                                                      • Instruction ID: e0007cdd0ad59abb6d09014f2d9eb5107ea3f30433354950a4af26ba9f69101f
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 6f842c38fbf6266b6352dc09bd82e7f65808cd6bafd25b46999a778c18f9dfdf
                                                                                                                                                                                                      • Instruction Fuzzy Hash: A441F2A1B186428AEF588B15DC90379A3A1EF44BC6F180035EA4E8B7D4DF2FF884D340
                                                                                                                                                                                                      Function 00007FF821CE1180 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 102COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DeallocStringmemmove$Bytes_Err_FromSize
                                                                                                                                                                                                      • String ID: Unable to allocate output buffer.
                                                                                                                                                                                                      • API String ID: 1583460924-2565006440
                                                                                                                                                                                                      • Opcode ID: 302ccff948575bc5b6c0570f94851fca6a0315b5f66909de60de6dc7c0aacbcc
                                                                                                                                                                                                      • Instruction ID: ad02db3d06e4761a833612927653c8ec5e0731c0352381188cd0ba316a07ffd0
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 302ccff948575bc5b6c0570f94851fca6a0315b5f66909de60de6dc7c0aacbcc
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 55414CBAA18F45C1EB198F56E840269BBA0FB48BE4F684532CE4D87754DF3CE595C700
                                                                                                                                                                                                      Function 00007FF820714574 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 87COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: FromStringUnicode_$S_snprintfSizeSubtypeType_memcpy
                                                                                                                                                                                                      • String ID: $%04X
                                                                                                                                                                                                      • API String ID: 762632776-4013080060
                                                                                                                                                                                                      • Opcode ID: 8f010d78afd3c5818cfb4910701cc2a93885e9771a9bff0787413f6ee937c649
                                                                                                                                                                                                      • Instruction ID: e298015305e32889f3d1e4a0496a815f8ae8f86ef4a3e5c2655f94bbe4f85c9c
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 8f010d78afd3c5818cfb4910701cc2a93885e9771a9bff0787413f6ee937c649
                                                                                                                                                                                                      • Instruction Fuzzy Hash: AB31A2A2A08A854AEB218B14EC543B9A3A1FF49BE6F480335DA6E077C5DF3DF555C300
                                                                                                                                                                                                      Function 00007FF82083377E Relevance: 12.3, APIs: 2, Strings: 5, Instructions: 85stringCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: strncmpstrtoul
                                                                                                                                                                                                      • String ID: MASK:$default$nombstr$pkix$utf8only
                                                                                                                                                                                                      • API String ID: 3007069910-3483942737
                                                                                                                                                                                                      • Opcode ID: 932e197565b87e33d4723a3e589863ca2d8ca3d862467106704a9ed93825c48c
                                                                                                                                                                                                      • Instruction ID: 697b3cf5d1d63f6108c27b42fa2b200497a175ba95ecba153182e5ac3125767b
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 932e197565b87e33d4723a3e589863ca2d8ca3d862467106704a9ed93825c48c
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 2931EA62B1C58582EB514B29FC503BE3790FB457E0F855232EA9E47B95EE1CF491C700
                                                                                                                                                                                                      Function 00007FF820714C10 Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 78COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Arg_ArgumentErr_FromLongLong_OccurredReadyUnicode_
                                                                                                                                                                                                      • String ID: a unicode character$argument$mirrored
                                                                                                                                                                                                      • API String ID: 3097524968-4001128513
                                                                                                                                                                                                      • Opcode ID: a778e76fe43f494d7f351cf3d9963943a965506800762402e56c89a3088c44b2
                                                                                                                                                                                                      • Instruction ID: 463edbbbc25fe40ebeed821182d87f004c239929526d35a2cf1fbe3ab1115e46
                                                                                                                                                                                                      • Opcode Fuzzy Hash: a778e76fe43f494d7f351cf3d9963943a965506800762402e56c89a3088c44b2
                                                                                                                                                                                                      • Instruction Fuzzy Hash: FB31BD60B096068BFB684F25DC61379A2A2AF84BD6F544535CF0E873C0EF2EF8459394
                                                                                                                                                                                                      Function 00007FF82071413C Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 78COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Arg_ArgumentErr_FromLongLong_OccurredReadyUnicode_
                                                                                                                                                                                                      • String ID: a unicode character$argument$combining
                                                                                                                                                                                                      • API String ID: 3097524968-4202047184
                                                                                                                                                                                                      • Opcode ID: 0e3e88da4055aaeba4dce951f7ad24c458dac837fb036e1c1bb397ee2ac8be3b
                                                                                                                                                                                                      • Instruction ID: f96500c4e5ddae0998c0031faf1514d2da24d6b893a77e6a8bbf68c06e8d0d7d
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 0e3e88da4055aaeba4dce951f7ad24c458dac837fb036e1c1bb397ee2ac8be3b
                                                                                                                                                                                                      • Instruction Fuzzy Hash: C231DF60B0860A5BFB644B25DC51379A2A2BF54BD6F044535DB0E873C0DF3EF885A300
                                                                                                                                                                                                      Function 00007FF821CE1070 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 69COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: String$Err_$AppendBytes_DeallocFromList_Size
                                                                                                                                                                                                      • String ID: Unable to allocate output buffer.
                                                                                                                                                                                                      • API String ID: 2547554596-2565006440
                                                                                                                                                                                                      • Opcode ID: 7e1e3b8c1928b2da807ddf7aa8ca177fec8d15fc26be477a22987a1ae2f2f214
                                                                                                                                                                                                      • Instruction ID: 90dce20769bd818f26ae87cd8e3e2d9d72680527700b06ae526b967b190e697a
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 7e1e3b8c1928b2da807ddf7aa8ca177fec8d15fc26be477a22987a1ae2f2f214
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 19311635A09F42C1EB14CB1AEC501297BA4FB84BE4B744232DA6E837A4DF3EF4548700
                                                                                                                                                                                                      Function 00007FF821CE1470 Relevance: 12.1, APIs: 8, Instructions: 101threadCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Eval_Thread$DeallocRestoreSave$Bytes_FromList_SizeString
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2275295419-0
                                                                                                                                                                                                      • Opcode ID: 5933d949b30942274c393e5cfa0f89909fbd9161848d49aca86a962fd84fa288
                                                                                                                                                                                                      • Instruction ID: fb41c09b946f780e36524d4b487d1ab569e42d1669152dc5c76d58a452b03af9
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 5933d949b30942274c393e5cfa0f89909fbd9161848d49aca86a962fd84fa288
                                                                                                                                                                                                      • Instruction Fuzzy Hash: CB41A336A09F8685EB248F24E8003AAB7A0FB887D4FB44136DA8D43755EF7CE455CB40
                                                                                                                                                                                                      Function 00007FF8207111D0 Relevance: 10.8, APIs: 7, Instructions: 312COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Mem_$MallocSubtypeType_$DeallocErr_FreeMemory
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 4139299733-0
                                                                                                                                                                                                      • Opcode ID: 5be55f5bbb3303c170d09a18b84e3569b3095b49e504f61c933743c06f8429b5
                                                                                                                                                                                                      • Instruction ID: 76ad67598a92055d27fa04663f7a061dbc2c9567fedcb4421c98d0f3c9ad53f1
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 5be55f5bbb3303c170d09a18b84e3569b3095b49e504f61c933743c06f8429b5
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 36D1E0B2A1C5A289EA648B15E89463DA7A5FB45BD6F140131DA8F8A7C4DF3EF841C700
                                                                                                                                                                                                      Function 00007FF8208360D2 Relevance: 10.7, APIs: 4, Strings: 2, Instructions: 227COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Fiber$Switch$CreateDelete
                                                                                                                                                                                                      • String ID: *$..\s\crypto\async\async.c
                                                                                                                                                                                                      • API String ID: 2050058302-1471988776
                                                                                                                                                                                                      • Opcode ID: 8920d8a6e26df22ecb509228a74210a7dc2889806a0a11c7c113a2e796b959e2
                                                                                                                                                                                                      • Instruction ID: 567e549d9211a3655de7559635480feccc3d9bfe1560e065e590e614ea9bccfa
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 8920d8a6e26df22ecb509228a74210a7dc2889806a0a11c7c113a2e796b959e2
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 60A14A72B09A4296EB20DF25EC9527A63A0AB98BC4F848431DA8E47795EF3CF555C300
                                                                                                                                                                                                      Function 00007FF821D28D30 Relevance: 10.7, APIs: 7, Instructions: 212COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: memmove$exit
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 987259897-0
                                                                                                                                                                                                      • Opcode ID: 896fa3ff6dc6034e01015742b7d00b17e3cd593d516e5aaf0fa330e4b8c5e894
                                                                                                                                                                                                      • Instruction ID: 17dbd80034f45e1ba0a1d9a82b09e89720b914ec7adab44a1f237db4af58a6ae
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 896fa3ff6dc6034e01015742b7d00b17e3cd593d516e5aaf0fa330e4b8c5e894
                                                                                                                                                                                                      • Instruction Fuzzy Hash: C7B13676205EC0CAD740CF29C8947AE7BA1E759B89F188139CF494B359CF3AE452CB21
                                                                                                                                                                                                      Function 00007FF820A339B0 Relevance: 10.7, APIs: 1, Strings: 6, Instructions: 190stringCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: strncpy
                                                                                                                                                                                                      • String ID: , failure codes: $, status text: $..\s\crypto\ts\ts_rsp_verify.c$status code: $unknown code$unspecified
                                                                                                                                                                                                      • API String ID: 3301158039-2553778726
                                                                                                                                                                                                      • Opcode ID: 319634f7b095abd5d8ff97925e4b59588c5de989d9ec43cbb39da121e2571c00
                                                                                                                                                                                                      • Instruction ID: 11aa28c5995d96b7a5519b17e541c7d67a848aea2ccc1ff99972cc53817528b7
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 319634f7b095abd5d8ff97925e4b59588c5de989d9ec43cbb39da121e2571c00
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 3A815D23B0C68686EB60EB25AC953BAA790EFC9BC0F854035DA4E47795DF3DF5458700
                                                                                                                                                                                                      Function 00007FF8328B7190 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 95COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685906558.00007FF8328B1000.00000020.00000001.01000000.00000012.sdmp, Offset: 00007FF8328B0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685870583.00007FF8328B0000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685947239.00007FF8328C5000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685983863.00007FF8328CB000.00000004.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1686019669.00007FF8328CF000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff8328b0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Err_String
                                                                                                                                                                                                      • String ID: 'SuperWeirdWordPlugin' object attribute '_foreign_long_count' cannot be deleted$attribute '_foreign_long_count' of 'SuperWeirdWordPlugin' undefined$int
                                                                                                                                                                                                      • API String ID: 1450464846-3135691889
                                                                                                                                                                                                      • Opcode ID: 5838e2911ace64e59a4c40d345dfda54d046d1b90d6a86022b7636daf40cce6b
                                                                                                                                                                                                      • Instruction ID: ef84eac883077083bba63c26a75202d0b1ade969038224d226d131f575af2662
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 5838e2911ace64e59a4c40d345dfda54d046d1b90d6a86022b7636daf40cce6b
                                                                                                                                                                                                      • Instruction Fuzzy Hash: FB318B62F0AA0681EF54AB25EC542F56350EF84BE0F585235EA5E077F5DFBCE494A300
                                                                                                                                                                                                      Function 00007FF820832E4B Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 91COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: EnvironmentVariable
                                                                                                                                                                                                      • String ID: OPENSSL_ia32cap$~$~$~$~
                                                                                                                                                                                                      • API String ID: 1431749950-1981414212
                                                                                                                                                                                                      • Opcode ID: 9eacd33310160f1931e422656a7230303f5cc1d66217712b0478dcc86fde18b9
                                                                                                                                                                                                      • Instruction ID: 22a8321ae043da66e491b9648f27cb9814e9cd313e92db046bcf13225310cdf5
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 9eacd33310160f1931e422656a7230303f5cc1d66217712b0478dcc86fde18b9
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 1F41AD25E0969386F7609B21BC442B976A4EB48BC0F844175E99F47BE4EF7CF481CB40
                                                                                                                                                                                                      Function 00007FF820714D84 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 91COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Arg_$ArgumentCheckPositionalReadyUnicode_
                                                                                                                                                                                                      • String ID: a unicode character$argument 1$name
                                                                                                                                                                                                      • API String ID: 3545102714-4190364640
                                                                                                                                                                                                      • Opcode ID: 94e7ee99c4dc3aa2bb1b14e34242e024d645e709b94d4c586480ea63cd2f4719
                                                                                                                                                                                                      • Instruction ID: 62ffb757701b64eadf158ee9789bbc231730d71515ad8898089c49e28d81fcaa
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 94e7ee99c4dc3aa2bb1b14e34242e024d645e709b94d4c586480ea63cd2f4719
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 18315822B186468AEB608B16DC50369A361FB84BD6F588031CE4D47BD8CF3EF85AC700
                                                                                                                                                                                                      Function 00007FF8207142A8 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 91COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Arg_$ArgumentCheckPositionalReadyUnicode_
                                                                                                                                                                                                      • String ID: a unicode character$argument 1$decimal
                                                                                                                                                                                                      • API String ID: 3545102714-2474051849
                                                                                                                                                                                                      • Opcode ID: fb38ba14d3dffb49f2d9fefa403c46d6568df7bfe510786d921799ca9568ac64
                                                                                                                                                                                                      • Instruction ID: f269d24a3cca377910d41519169cfb15ad31125ea23e6771e9b8207517238b5a
                                                                                                                                                                                                      • Opcode Fuzzy Hash: fb38ba14d3dffb49f2d9fefa403c46d6568df7bfe510786d921799ca9568ac64
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 8A317A22B186568AEB608B16DC4137DA361EB84BD6F948031DA5D67BD4DF3EF942D300
                                                                                                                                                                                                      Function 00007FF820714F50 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 91COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Arg_$ArgumentCheckPositionalReadyUnicode_
                                                                                                                                                                                                      • String ID: a unicode character$argument 1$numeric
                                                                                                                                                                                                      • API String ID: 3545102714-2385192657
                                                                                                                                                                                                      • Opcode ID: 599f939e019d3ab0ab16c07c704c8a2d368a729848ff51ced41fc5b09ed2dbaf
                                                                                                                                                                                                      • Instruction ID: 8cca16e302c8d4fd6afcf8c8fdc560f838c5162fc051f6696ca1ff164a8672cf
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 599f939e019d3ab0ab16c07c704c8a2d368a729848ff51ced41fc5b09ed2dbaf
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 3F318922B186468AFB648B66DC40379A361EB88BC6F588531DA4D47BD4DF3FF946C340
                                                                                                                                                                                                      Function 00007FF65174EB58 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 88libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • LoadLibraryExW.KERNEL32(?,?,?,00007FF65174EE0A,?,?,?,00007FF65174EAFC,?,?,?,00007FF65174E6F9), ref: 00007FF65174EBDD
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,?,?,00007FF65174EE0A,?,?,?,00007FF65174EAFC,?,?,?,00007FF65174E6F9), ref: 00007FF65174EBEB
                                                                                                                                                                                                      • LoadLibraryExW.KERNEL32(?,?,?,00007FF65174EE0A,?,?,?,00007FF65174EAFC,?,?,?,00007FF65174E6F9), ref: 00007FF65174EC15
                                                                                                                                                                                                      • FreeLibrary.KERNEL32(?,?,?,00007FF65174EE0A,?,?,?,00007FF65174EAFC,?,?,?,00007FF65174E6F9), ref: 00007FF65174EC83
                                                                                                                                                                                                      • GetProcAddress.KERNEL32(?,?,?,00007FF65174EE0A,?,?,?,00007FF65174EAFC,?,?,?,00007FF65174E6F9), ref: 00007FF65174EC8F
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Library$Load$AddressErrorFreeLastProc
                                                                                                                                                                                                      • String ID: api-ms-
                                                                                                                                                                                                      • API String ID: 2559590344-2084034818
                                                                                                                                                                                                      • Opcode ID: 40a510cebb62c697958816eb18758dfdc694259234190da95a043a57b17deadc
                                                                                                                                                                                                      • Instruction ID: f24f808f50746d977473e9d021334cd424df8a4e9e26a513a4d65ee92faf4990
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 40a510cebb62c697958816eb18758dfdc694259234190da95a043a57b17deadc
                                                                                                                                                                                                      • Instruction Fuzzy Hash: CE31B421B1AA4681EF169B1AA80097523D4FF45BB4F1D0535DD9DA739AEF7CE484C308
                                                                                                                                                                                                      Function 00007FF8208339BD Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74fileCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _chmod_stat64i32fclosefwrite
                                                                                                                                                                                                      • String ID: ..\s\crypto\rand\randfile.c$Filename=
                                                                                                                                                                                                      • API String ID: 4260490851-2201148535
                                                                                                                                                                                                      • Opcode ID: b92129e8508862641eed399a8e5179a0bb6c7147643e5021365d23c2bd3b3ffe
                                                                                                                                                                                                      • Instruction ID: 4b1a6f64a87ebf9ae087ebc73d0271c44b7baade26eca9c7ec20c79954abaec3
                                                                                                                                                                                                      • Opcode Fuzzy Hash: b92129e8508862641eed399a8e5179a0bb6c7147643e5021365d23c2bd3b3ffe
                                                                                                                                                                                                      • Instruction Fuzzy Hash: D7314962B0864692EA24DB55EC553AE73A0EF88BC4F804035DA5E0B796EF7CF644CB01
                                                                                                                                                                                                      Function 00007FF651742A60 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 67windowCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentDebugMessageOutputProcessString
                                                                                                                                                                                                      • String ID: ERROR$Error$[PYI-%d:%ls]
                                                                                                                                                                                                      • API String ID: 4028877780-255084403
                                                                                                                                                                                                      • Opcode ID: 1e1e697de07596296eec8ab673501bf26ab91b3c60915258754e5fb6025e7fb8
                                                                                                                                                                                                      • Instruction ID: 406b5cbad5a0cbaaaa9e14d5990c218ed56c799880ee91b9e83b4888d9dad015
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1e1e697de07596296eec8ab673501bf26ab91b3c60915258754e5fb6025e7fb8
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 72218032718B8192E710DB18F8847AA73A4FB887C4F440536EE8DA365ADF7CE215C700
                                                                                                                                                                                                      Function 00007FF651749E70 Relevance: 10.6, APIs: 2, Strings: 5, Instructions: 67COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                        • Part of subcall function 00007FF651749360: GetCurrentProcess.KERNEL32 ref: 00007FF651749380
                                                                                                                                                                                                        • Part of subcall function 00007FF651749360: OpenProcessToken.ADVAPI32 ref: 00007FF651749393
                                                                                                                                                                                                        • Part of subcall function 00007FF651749360: GetTokenInformation.ADVAPI32 ref: 00007FF6517493B8
                                                                                                                                                                                                        • Part of subcall function 00007FF651749360: GetLastError.KERNEL32 ref: 00007FF6517493C2
                                                                                                                                                                                                        • Part of subcall function 00007FF651749360: GetTokenInformation.ADVAPI32 ref: 00007FF651749402
                                                                                                                                                                                                        • Part of subcall function 00007FF651749360: ConvertSidToStringSidW.ADVAPI32 ref: 00007FF65174941E
                                                                                                                                                                                                        • Part of subcall function 00007FF651749360: CloseHandle.KERNEL32 ref: 00007FF651749436
                                                                                                                                                                                                      • LocalFree.KERNEL32(?,00007FF6517441E6), ref: 00007FF651749EFC
                                                                                                                                                                                                      • LocalFree.KERNEL32(?,00007FF6517441E6), ref: 00007FF651749F05
                                                                                                                                                                                                        • Part of subcall function 00007FF651742880: GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF651743BC3,?,00007FF651743CC2), ref: 00007FF6517428CE
                                                                                                                                                                                                        • Part of subcall function 00007FF651742880: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF651743BC3,?,00007FF651743CC2), ref: 00007FF651742938
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ProcessToken$CurrentFreeInformationLocalString$CloseConvertDebugErrorHandleLastOpenOutput
                                                                                                                                                                                                      • String ID: D:(A;;FA;;;%s)$D:(A;;FA;;;%s)(A;;FA;;;%s)$LOADER: initializing security descriptor from string: %ls$S-1-3-4$Security descriptor string length exceeds PYI_PATH_MAX!
                                                                                                                                                                                                      • API String ID: 269996328-3724802649
                                                                                                                                                                                                      • Opcode ID: 942c3b14874243cf1b78bbcc71b7a775e57f197bbe4712efdd36e09da04fe12c
                                                                                                                                                                                                      • Instruction ID: 45d170562751cc29e22c8d8efa959e9707e2d6fd10c09f2b505c6e24d818617e
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 942c3b14874243cf1b78bbcc71b7a775e57f197bbe4712efdd36e09da04fe12c
                                                                                                                                                                                                      • Instruction Fuzzy Hash: FB314121A0874291FB109B18E4152FA6365FF88780F884032EA8EE379FDF7CD945C740
                                                                                                                                                                                                      Function 00007FF651742DB0 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 67windowCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetCurrentProcessId.KERNEL32(?,00000000,00000000,?,00000000,00007FF651749F1F,?,00007FF6517441E6), ref: 00007FF651742E00
                                                                                                                                                                                                      • OutputDebugStringW.KERNEL32(?,00000000,00000000,?,00000000,00007FF651749F1F,?,00007FF6517441E6), ref: 00007FF651742E75
                                                                                                                                                                                                      • MessageBoxW.USER32 ref: 00007FF651742E95
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentDebugMessageOutputProcessString
                                                                                                                                                                                                      • String ID: WARNING$Warning$[PYI-%d:%ls]
                                                                                                                                                                                                      • API String ID: 4028877780-3797743490
                                                                                                                                                                                                      • Opcode ID: 56819f1be48c112748468f149acbceb8499576ef0579645d9bea89b52a9a0466
                                                                                                                                                                                                      • Instruction ID: 9c635d9563b6435501bd95569747a542bff29117185fb0fc5336c0a359c60229
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 56819f1be48c112748468f149acbceb8499576ef0579645d9bea89b52a9a0466
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 01218062718B8192E710DB28F8447AA73A4FB88784F440136EA8DA365ADF7CE215C740
                                                                                                                                                                                                      Function 00007FF651742CB0 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 64COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetCurrentProcessId.KERNEL32(00000000,?,?,?,00000000,00007FF6517437BA,?,?,00007FF651743991), ref: 00007FF651742D00
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentProcess
                                                                                                                                                                                                      • String ID: 0$WARNING$Warning$Warning [ANSI Fallback]$[PYI-%d:%s]
                                                                                                                                                                                                      • API String ID: 2050909247-2900015858
                                                                                                                                                                                                      • Opcode ID: 8a6a451d4e64bc3179bcbf3274428a6642e652168afc76095dbdae54d2b453ba
                                                                                                                                                                                                      • Instruction ID: 2ee2b15749a79f68bee8093d3c35f688b7c43885c70576be0ed135311d890719
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 8a6a451d4e64bc3179bcbf3274428a6642e652168afc76095dbdae54d2b453ba
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 0E217F7261878152E7209B54F8407E663A4FB887C4F440136FACDA365EDF7CE645C640
                                                                                                                                                                                                      Function 00007FF651749360 Relevance: 10.6, APIs: 7, Instructions: 63COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Token$InformationProcess$CloseConvertCurrentErrorHandleLastOpenString
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 995526605-0
                                                                                                                                                                                                      • Opcode ID: f9d2e60adfac8eff07b0ba1b2980cb509e7f22c1ae5d18bf02c699d7bfa91117
                                                                                                                                                                                                      • Instruction ID: c9c65ca73a524a57317eae385ff54a6120eaae65356ef4b4fc8dd1747f6b11fe
                                                                                                                                                                                                      • Opcode Fuzzy Hash: f9d2e60adfac8eff07b0ba1b2980cb509e7f22c1ae5d18bf02c699d7bfa91117
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 95213531B0C64282EB509B5DF44427AA3B0FF857A0F580235EAAD93ADEDFBCD4458700
                                                                                                                                                                                                      Function 00007FF65175BFE0 Relevance: 10.6, APIs: 7, Instructions: 62COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Value$ErrorLast
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2506987500-0
                                                                                                                                                                                                      • Opcode ID: 353c6f777dc9a489d84974f90139be78998419b3d523d88e733c004890fb5945
                                                                                                                                                                                                      • Instruction ID: e427d1638671e18d2e27b02e635709104c9e1f2583a1f8adc0d743f2e95d4335
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 353c6f777dc9a489d84974f90139be78998419b3d523d88e733c004890fb5945
                                                                                                                                                                                                      • Instruction Fuzzy Hash: A7214C20B0D24243FB58672D9A4123961965F4ABA0F5E4B35E93EF7ADFDE3DB4428201
                                                                                                                                                                                                      Function 00007FF651768BFC Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48fileCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ConsoleWrite$CloseCreateErrorFileHandleLast
                                                                                                                                                                                                      • String ID: CONOUT$
                                                                                                                                                                                                      • API String ID: 3230265001-3130406586
                                                                                                                                                                                                      • Opcode ID: 5c6e57e550d3b47b38588f68e65aae1629f5c424c0371111055432e8af963ac1
                                                                                                                                                                                                      • Instruction ID: d84ce9699f457340637338bf6d95373668a0ff0498861eea7e119e120c737113
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 5c6e57e550d3b47b38588f68e65aae1629f5c424c0371111055432e8af963ac1
                                                                                                                                                                                                      • Instruction Fuzzy Hash: F011D021B18B4586E7508B5AE84433972A0FB88BE4F084734EA1ED77A9CF3CD844C740
                                                                                                                                                                                                      Function 00007FF82083648D Relevance: 9.1, APIs: 3, Strings: 3, Instructions: 109stringCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: strncmp
                                                                                                                                                                                                      • String ID: ASN1:$DER:$critical,
                                                                                                                                                                                                      • API String ID: 1114863663-369496153
                                                                                                                                                                                                      • Opcode ID: ae11fdbc24c79936ca1b4e77633981d5be724123b6f72bef28181d9e67e2a25a
                                                                                                                                                                                                      • Instruction ID: fe7f9050f7ea02b54020caf4c8c01bd8aaf6551cfd1d148ca233e2831cdff70a
                                                                                                                                                                                                      • Opcode Fuzzy Hash: ae11fdbc24c79936ca1b4e77633981d5be724123b6f72bef28181d9e67e2a25a
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 1241C122F1868641FF206B32AD4277A66A0AF4ABD4F884231DE5F47BD5EE3CF4048740
                                                                                                                                                                                                      Function 00007FF820834DF9 Relevance: 9.1, APIs: 3, Strings: 3, Instructions: 108stringCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: strncmp
                                                                                                                                                                                                      • String ID: ASN1:$DER:$critical,
                                                                                                                                                                                                      • API String ID: 1114863663-369496153
                                                                                                                                                                                                      • Opcode ID: 079d044b96f797de36bd5393d8ca46bd7bdc0801725f75768ff71a61f539266b
                                                                                                                                                                                                      • Instruction ID: 2f9bf582d8b9188b105b56f3f35831012da4f952b48df2f2b875fee7e195ff8c
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 079d044b96f797de36bd5393d8ca46bd7bdc0801725f75768ff71a61f539266b
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 7941BE22F1968682EF609B26AD4177A66B0FB49BD4F885130DE5F47B99DE3CF4048740
                                                                                                                                                                                                      Function 00007FF65175C158 Relevance: 9.1, APIs: 6, Instructions: 57COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,?,?,00007FF651755DA1,?,?,?,?,00007FF65175B31A,?,?,?,?,00007FF65175801F), ref: 00007FF65175C167
                                                                                                                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF651755DA1,?,?,?,?,00007FF65175B31A,?,?,?,?,00007FF65175801F), ref: 00007FF65175C19D
                                                                                                                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF651755DA1,?,?,?,?,00007FF65175B31A,?,?,?,?,00007FF65175801F), ref: 00007FF65175C1CA
                                                                                                                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF651755DA1,?,?,?,?,00007FF65175B31A,?,?,?,?,00007FF65175801F), ref: 00007FF65175C1DB
                                                                                                                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF651755DA1,?,?,?,?,00007FF65175B31A,?,?,?,?,00007FF65175801F), ref: 00007FF65175C1EC
                                                                                                                                                                                                      • SetLastError.KERNEL32(?,?,?,00007FF651755DA1,?,?,?,?,00007FF65175B31A,?,?,?,?,00007FF65175801F), ref: 00007FF65175C207
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Value$ErrorLast
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2506987500-0
                                                                                                                                                                                                      • Opcode ID: 4ecefaf6709cdc23854bbcc1096406bf1cce135c4b5d6844add43eefc89f2c39
                                                                                                                                                                                                      • Instruction ID: 7bc03798aea11bca08d2822da30f6171a188d926331b43c79a9a9787079d75a2
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4ecefaf6709cdc23854bbcc1096406bf1cce135c4b5d6844add43eefc89f2c39
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 16115E60B0D24243FB58672D9A4123922565F487B0F6E0B35E83EF7ADFDE3CB4428201
                                                                                                                                                                                                      Function 00007FF820833D05 Relevance: 8.9, APIs: 2, Strings: 3, Instructions: 112stringCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _stricmpstrncmp
                                                                                                                                                                                                      • String ID: ..\s\crypto\store\store_lib.c$T$file
                                                                                                                                                                                                      • API String ID: 3873111123-909561481
                                                                                                                                                                                                      • Opcode ID: ba25098b119c77cfd35ea32cb723f816717d699ff227d80ed2ffd5f29ad059cd
                                                                                                                                                                                                      • Instruction ID: e6242d98a212d05bd5e02202e05d96058916ec7d5c5a3b8fc669b1445bd0939b
                                                                                                                                                                                                      • Opcode Fuzzy Hash: ba25098b119c77cfd35ea32cb723f816717d699ff227d80ed2ffd5f29ad059cd
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 9E414B33A09B469AEA21AB11EC515AA73A4FF88BD4F844135DE4E07B95EF3CF546C700
                                                                                                                                                                                                      Function 00007FF651742B70 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 86COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetCurrentProcessId.KERNEL32(?,?,?,?,?,00000000,00000000,00000000,00007FF651741BAA), ref: 00007FF651742BBE
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentProcess
                                                                                                                                                                                                      • String ID: %s: %s$Error$Error [ANSI Fallback]$[PYI-%d:ERROR]
                                                                                                                                                                                                      • API String ID: 2050909247-2962405886
                                                                                                                                                                                                      • Opcode ID: a44bae74d6bd855dbf44311f44d88be9ad0e758d3b31ec434b087b6dff6f749a
                                                                                                                                                                                                      • Instruction ID: 739a07afed4c7748529209b0a62fe6cc2721d62b7c241dbb2f6cbde35821b3d3
                                                                                                                                                                                                      • Opcode Fuzzy Hash: a44bae74d6bd855dbf44311f44d88be9ad0e758d3b31ec434b087b6dff6f749a
                                                                                                                                                                                                      • Instruction Fuzzy Hash: E531E822B1868152E710AB69B8406E77695BF887D4F454132FE8DE379EEF7CE546C300
                                                                                                                                                                                                      Function 00007FF820714484 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 70COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Arg_ArgumentReadyUnicode_
                                                                                                                                                                                                      • String ID: a unicode character$argument$decomposition
                                                                                                                                                                                                      • API String ID: 1875788646-2471543666
                                                                                                                                                                                                      • Opcode ID: d5f8e1d1838016190bef5668ce4da4a2cda0a1ddf47b54ab3442ce62d4983cc2
                                                                                                                                                                                                      • Instruction ID: d2d51ac40ea0f832a8a9dde744f2f8c9e54ad7e5b85836a94dc7744bb03453be
                                                                                                                                                                                                      • Opcode Fuzzy Hash: d5f8e1d1838016190bef5668ce4da4a2cda0a1ddf47b54ab3442ce62d4983cc2
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 3721BD61B086464BFB648B15DC61379A2A2EF84BE6F448135DE4E873C4DF2EF8659340
                                                                                                                                                                                                      Function 00007FF820714840 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 70COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Arg_ArgumentReadyUnicode_
                                                                                                                                                                                                      • String ID: a unicode character$argument$east_asian_width
                                                                                                                                                                                                      • API String ID: 1875788646-3913127203
                                                                                                                                                                                                      • Opcode ID: dbe43c5c28b2e864e9847442fb4680e199cdb81cdd8ff4271a4bb4a7558a351a
                                                                                                                                                                                                      • Instruction ID: 0a3564529f2d55947bd7ff0854b6a2c9d6ca83683f24e56d33f5202385bedadb
                                                                                                                                                                                                      • Opcode Fuzzy Hash: dbe43c5c28b2e864e9847442fb4680e199cdb81cdd8ff4271a4bb4a7558a351a
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 22217A61B087868BFB648B15DC6237A92A1AF84BD6F444535CF4E873C5DF2EF8469340
                                                                                                                                                                                                      Function 00007FF651742960 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 64COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetCurrentProcessId.KERNEL32(?,?,00000000,00000000,00000000,00007FF651741BD9), ref: 00007FF6517429B0
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentProcess
                                                                                                                                                                                                      • String ID: ERROR$Error$Error [ANSI Fallback]$[PYI-%d:%s]
                                                                                                                                                                                                      • API String ID: 2050909247-1591803126
                                                                                                                                                                                                      • Opcode ID: eb898bdf2d85b565f5f2957a308ee0a964734eed4196599ac48ac7272669ba57
                                                                                                                                                                                                      • Instruction ID: 6703d1ada71a611181d5a7e8775a7b16b31dee0dbaede51ff67ebe9e59babd9e
                                                                                                                                                                                                      • Opcode Fuzzy Hash: eb898bdf2d85b565f5f2957a308ee0a964734eed4196599ac48ac7272669ba57
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 93217F3261878142E7209B58F8407E663A4FB887C4F440136FACDA365EDF7CE245C640
                                                                                                                                                                                                      Function 00007FF820715094 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 48COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DoubleErr_Float_FromNumericStringSubtypeType_Unicode_
                                                                                                                                                                                                      • String ID: not a numeric character
                                                                                                                                                                                                      • API String ID: 1034370217-2058156748
                                                                                                                                                                                                      • Opcode ID: 4cb6f1b5efbfda6638c0cdfd582c8c8d1892565bd548cca9a3afd41c4d5c272b
                                                                                                                                                                                                      • Instruction ID: d3cf0d108a46ce723b2c6f1b9a844d43c0f567b03a92b43cb32e58905ff61d7f
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4cb6f1b5efbfda6638c0cdfd582c8c8d1892565bd548cca9a3afd41c4d5c272b
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4D11C421A0C98AD9FB598B25DC40139E3A1EF48BC6F288030C95E137D4DF2EF886D740
                                                                                                                                                                                                      Function 00007FF8207143EC Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 45COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DecimalDigitErr_FromLongLong_StringSubtypeType_Unicode_
                                                                                                                                                                                                      • String ID: not a decimal
                                                                                                                                                                                                      • API String ID: 3750391552-3590249192
                                                                                                                                                                                                      • Opcode ID: 480c0e289b089f2dea03889a00adf552dacdf64e323fa503627025c33b286684
                                                                                                                                                                                                      • Instruction ID: 0719043d783048ffb4e5deede99e57cd3706ce234b58de9a658370d6616e0bcd
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 480c0e289b089f2dea03889a00adf552dacdf64e323fa503627025c33b286684
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 7B11A565B0CA969AEB548B15EC54339E7A1AF84FD6F494030CE4E477D4DF2EF8869300
                                                                                                                                                                                                      Function 00007FF821CE17B0 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 34COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Arg_Buffer_Err_ParseReleaseSizeStringTuple_
                                                                                                                                                                                                      • String ID: BrotliEncoderCompressStream failed while processing the stream$y*:process
                                                                                                                                                                                                      • API String ID: 2872489292-243030088
                                                                                                                                                                                                      • Opcode ID: cb8378cd060a40f59fa4d56021550bc41c31a91fa3c041aef3c9e0e738a50166
                                                                                                                                                                                                      • Instruction ID: d48f85d247f4325d18fdf6d7e7cdf30b5d0793b38c62f86ad0ba57d0edc7d8fc
                                                                                                                                                                                                      • Opcode Fuzzy Hash: cb8378cd060a40f59fa4d56021550bc41c31a91fa3c041aef3c9e0e738a50166
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 6FF06D66B19E42C1FF158B65DC400B967A1BF88FC5BB44032C95D87724EE2CF5548A00
                                                                                                                                                                                                      Function 00007FF8207125A0 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 31COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Mem_$Capsule_Err_FreeMallocMemory
                                                                                                                                                                                                      • String ID: unicodedata._ucnhash_CAPI
                                                                                                                                                                                                      • API String ID: 3673501854-3989975041
                                                                                                                                                                                                      • Opcode ID: 4f9c832924a9756495b7a5c9d469443539cf620dd58ed21d3cdd85e935500ac7
                                                                                                                                                                                                      • Instruction ID: 311e17f54ca4cefdf6aef0077fe6b6bc211e86e1e8a3aeb9412d2a4f9b91f2b4
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4f9c832924a9756495b7a5c9d469443539cf620dd58ed21d3cdd85e935500ac7
                                                                                                                                                                                                      • Instruction Fuzzy Hash: BEF03720A19B4B99EF018B11AC541B9A3A9BF18BC3F481431C84E063E4EF3EF059D310
                                                                                                                                                                                                      Function 00007FF65175A918 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 27libraryloaderCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                                                                                                                      • String ID: CorExitProcess$mscoree.dll
                                                                                                                                                                                                      • API String ID: 4061214504-1276376045
                                                                                                                                                                                                      • Opcode ID: 0445041011577c357e717ecaae105294981f0374ecf8f27c16854f9c2d48fabb
                                                                                                                                                                                                      • Instruction ID: c4a3e942b456dba76c3d35c45920273c856ccaf49169f0f5ec9e3ed0ba4951ce
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 0445041011577c357e717ecaae105294981f0374ecf8f27c16854f9c2d48fabb
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 23F09665B09A0682FB148B28E4443796370FF457A5F590639D56DD61FDCF3CD444C740
                                                                                                                                                                                                      Function 00007FF65176A1F8 Relevance: 7.6, APIs: 5, Instructions: 56COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _set_statfp
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 1156100317-0
                                                                                                                                                                                                      • Opcode ID: 2530144b45b37c08dad10d77fcc83a40a954e87303b189ab66742d0fc2e2be8e
                                                                                                                                                                                                      • Instruction ID: 5466425dfeca14bd4ef3d80c74f59fe26c1d643f72b026448edd85a4500e1552
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 2530144b45b37c08dad10d77fcc83a40a954e87303b189ab66742d0fc2e2be8e
                                                                                                                                                                                                      • Instruction Fuzzy Hash: F811C162E8CE2B09F794116CE45237502406F98370E3D0A34F97EF72DF8E2DA8854110
                                                                                                                                                                                                      Function 00007FF65175C220 Relevance: 7.6, APIs: 5, Instructions: 54COMMONLIBRARYCODE
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • FlsGetValue.KERNEL32(?,?,?,00007FF65175B433,?,?,00000000,00007FF65175B6CE,?,?,?,?,?,00007FF65175B65A), ref: 00007FF65175C23F
                                                                                                                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF65175B433,?,?,00000000,00007FF65175B6CE,?,?,?,?,?,00007FF65175B65A), ref: 00007FF65175C25E
                                                                                                                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF65175B433,?,?,00000000,00007FF65175B6CE,?,?,?,?,?,00007FF65175B65A), ref: 00007FF65175C286
                                                                                                                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF65175B433,?,?,00000000,00007FF65175B6CE,?,?,?,?,?,00007FF65175B65A), ref: 00007FF65175C297
                                                                                                                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF65175B433,?,?,00000000,00007FF65175B6CE,?,?,?,?,?,00007FF65175B65A), ref: 00007FF65175C2A8
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Value
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3702945584-0
                                                                                                                                                                                                      • Opcode ID: 50c32e8d9fe0311b4360da7b91a6c5a72e638c679ebe3956b8dfb029fc0f8f81
                                                                                                                                                                                                      • Instruction ID: 70996b9902e08b9e475567f45880357111082f979dcc75c7b8adca7f4f28e24b
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 50c32e8d9fe0311b4360da7b91a6c5a72e638c679ebe3956b8dfb029fc0f8f81
                                                                                                                                                                                                      • Instruction Fuzzy Hash: D1117F20F0D24243FB58636D994123922855F487E0F5E4B34E93DF6ADFDE3CB4428201
                                                                                                                                                                                                      Function 00007FF65175C0B4 Relevance: 7.6, APIs: 5, Instructions: 50COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Value
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3702945584-0
                                                                                                                                                                                                      • Opcode ID: bf4d1f7d709ebe714733bd14ed6db638b851fa268c3c64d8b6a4b985dfd6be44
                                                                                                                                                                                                      • Instruction ID: 2da1e3f7327c72f3578ff6268d25157dd5b3dc010c69114e558ea02b38c05851
                                                                                                                                                                                                      • Opcode Fuzzy Hash: bf4d1f7d709ebe714733bd14ed6db638b851fa268c3c64d8b6a4b985dfd6be44
                                                                                                                                                                                                      • Instruction Fuzzy Hash: ED111550E0E20743FBA8623D485267A21864F4A760E6E0B34D93EFA6DFDD3CB4429251
                                                                                                                                                                                                      Function 00007FF651760A58 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 219COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID: UTF-16LEUNICODE$UTF-8$ccs
                                                                                                                                                                                                      • API String ID: 3215553584-1196891531
                                                                                                                                                                                                      • Opcode ID: cbd0801a0664652a437363c2176815b6ad829e29b9166d36b62ee28efe49830f
                                                                                                                                                                                                      • Instruction ID: c619fd29e2ebac3a6765572a0daae206021653d53200ceef4fa981d40a00d8a5
                                                                                                                                                                                                      • Opcode Fuzzy Hash: cbd0801a0664652a437363c2176815b6ad829e29b9166d36b62ee28efe49830f
                                                                                                                                                                                                      • Instruction Fuzzy Hash: AB818A32E0830A85F7655F2D85502BC2EA0EB11B88F5D9435DA0EF769FDF2DE9419701
                                                                                                                                                                                                      Function 00007FF65174E4D8 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 154COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentImageNonwritableUnwind__except_validate_context_record
                                                                                                                                                                                                      • String ID: csm
                                                                                                                                                                                                      • API String ID: 2395640692-1018135373
                                                                                                                                                                                                      • Opcode ID: 6d06903a11e4eccf6ced7483e1ee2fbd0b2764b28c3e0d7fde6b90923ce0bdce
                                                                                                                                                                                                      • Instruction ID: d9f3fd0c6768261c8a7d6772c8076b595f38c3ee78c8e13e3ec49b436829592b
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 6d06903a11e4eccf6ced7483e1ee2fbd0b2764b28c3e0d7fde6b90923ce0bdce
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 5D51B332B196028ADB54CF19E444E787391FB44BA8F194131DA8E9778EEFBCE891C741
                                                                                                                                                                                                      Function 00007FF65174FD68 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 146COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CallEncodePointerTranslator
                                                                                                                                                                                                      • String ID: MOC$RCC
                                                                                                                                                                                                      • API String ID: 3544855599-2084237596
                                                                                                                                                                                                      • Opcode ID: 4be1b3a6162807ade533e9a562a8ba477cdc1b9b8f7b7f7e0e02e5968d613ed2
                                                                                                                                                                                                      • Instruction ID: 000156eaeeb5db4dfc62712024fa39a4b24a99eba889543250088a48199d8334
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4be1b3a6162807ade533e9a562a8ba477cdc1b9b8f7b7f7e0e02e5968d613ed2
                                                                                                                                                                                                      • Instruction Fuzzy Hash: BF615232908BC586D7709F19E4407AAB7A0FB85B94F084625EBDC57B9ADFBCD190CB40
                                                                                                                                                                                                      Function 00007FF651750118 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 146COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Frame$EmptyHandler3::StateUnwind__except_validate_context_record
                                                                                                                                                                                                      • String ID: csm$csm
                                                                                                                                                                                                      • API String ID: 3896166516-3733052814
                                                                                                                                                                                                      • Opcode ID: 43da3ea47f9807e60bb22aa6e51170387ab3b87be5e84f223723752f32086958
                                                                                                                                                                                                      • Instruction ID: 0c99357dfb266a8819d2ea985f144970fed7d0e32b0debc9d2d678cc202a7aa4
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 43da3ea47f9807e60bb22aa6e51170387ab3b87be5e84f223723752f32086958
                                                                                                                                                                                                      • Instruction Fuzzy Hash: BB517F329082828BEB748F29944436D7BA0EB55B94F5D413ADA9CE7B9BCF3CE451C701
                                                                                                                                                                                                      Function 00007FF820832838 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 137COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID: ..\s\crypto\async\async.c$T
                                                                                                                                                                                                      • API String ID: 0-2182492907
                                                                                                                                                                                                      • Opcode ID: ac192b6b304cdb6139a6fe66dc3cea53f885d9e76f6d747b349e50310ee4de06
                                                                                                                                                                                                      • Instruction ID: 403df2c501ba78b00789bd95854e439a296ad0617b942479e7acf254876c2344
                                                                                                                                                                                                      • Opcode Fuzzy Hash: ac192b6b304cdb6139a6fe66dc3cea53f885d9e76f6d747b349e50310ee4de06
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 99517D32B09A4286FB20DB21EC456BA7760EF88BC4F844035DA5E07B99EF3DF5499700
                                                                                                                                                                                                      Function 00007FF8208F6E10 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 129networkCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: getnameinfohtons
                                                                                                                                                                                                      • String ID: $..\s\crypto\bio\b_addr.c
                                                                                                                                                                                                      • API String ID: 1503050688-1606403076
                                                                                                                                                                                                      • Opcode ID: f72f23aa100ca097451733a3d238b8bb7c5d824c95d503b70d21c072e673a467
                                                                                                                                                                                                      • Instruction ID: b4bdae3a2c8b365dde8eb825af8eeed326c4c994447bd7bca3ccbce1c7123280
                                                                                                                                                                                                      • Opcode Fuzzy Hash: f72f23aa100ca097451733a3d238b8bb7c5d824c95d503b70d21c072e673a467
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 5F51B162B1864282FB209B26EC156BA7360EB847C4F804131EB8D477D6DF3DF9558700
                                                                                                                                                                                                      Function 00007FF820834E9E Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 85COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID: BIO[%p]: $bio callback - unknown type (%d)
                                                                                                                                                                                                      • API String ID: 0-3830480438
                                                                                                                                                                                                      • Opcode ID: 6f1ff04d6e4287baae76c3bcbd7f4eb6efa59816428f3f1b8dd31fd1c250f253
                                                                                                                                                                                                      • Instruction ID: f97cf6d9b82f0c77dbda52423a290c133425b96d07f569e92b3879fe1382c63e
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 6f1ff04d6e4287baae76c3bcbd7f4eb6efa59816428f3f1b8dd31fd1c250f253
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4531D162B09A8196FB219B65AC847BB6790BF8DBC4F804036EE4E43795DE3CF5458600
                                                                                                                                                                                                      Function 00007FF820833846 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 82COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID: ..\s\crypto\bio\b_sock.c$J$host=
                                                                                                                                                                                                      • API String ID: 0-1729655730
                                                                                                                                                                                                      • Opcode ID: fb7855fcd371f05ee0f8c06c4a9d3ff59d339786e254bf31641fa772ec444ff7
                                                                                                                                                                                                      • Instruction ID: 05659322385174d82665c3ef062e82ac5afd06fb34559f6744fa9e60ea494aae
                                                                                                                                                                                                      • Opcode Fuzzy Hash: fb7855fcd371f05ee0f8c06c4a9d3ff59d339786e254bf31641fa772ec444ff7
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 0E316B22B0864282EB209B65FC451AFA360FBC87C0F900435EB8D47B9ADF7DF5558B00
                                                                                                                                                                                                      Function 00007FF651748780 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 81COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • CreateDirectoryW.KERNEL32(00000000,?,00007FF6517437CC,?,?,00007FF651743991), ref: 00007FF651748892
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CreateDirectory
                                                                                                                                                                                                      • String ID: %.*s$%s%c$\
                                                                                                                                                                                                      • API String ID: 4241100979-1685191245
                                                                                                                                                                                                      • Opcode ID: f1cad8b64af19b31ed6db525a43790991c3f38777672dfa1776de8ee5b4a1fb8
                                                                                                                                                                                                      • Instruction ID: b5714003590fe314755c1ff431ba1edb9c544ec1bfc9857acc78789b7e786ec2
                                                                                                                                                                                                      • Opcode Fuzzy Hash: f1cad8b64af19b31ed6db525a43790991c3f38777672dfa1776de8ee5b4a1fb8
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 8E31A921B19AC545FB219B19E8107EA6358EF84BE0F480231EEED97BCEDF6CD6458700
                                                                                                                                                                                                      Function 00007FF8328B6990 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 77COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685906558.00007FF8328B1000.00000020.00000001.01000000.00000012.sdmp, Offset: 00007FF8328B0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685870583.00007FF8328B0000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685947239.00007FF8328C5000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685983863.00007FF8328CB000.00000004.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1686019669.00007FF8328CF000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff8328b0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Err_String
                                                                                                                                                                                                      • String ID: __init__$charset_normalizer.md.SuperWeirdWordPlugin$interpreted classes cannot inherit from compiled
                                                                                                                                                                                                      • API String ID: 1450464846-371468285
                                                                                                                                                                                                      • Opcode ID: 4f3ff7a867f58aa6a465063a6ea18f93fb1e25931f8326506989c99777fc10b2
                                                                                                                                                                                                      • Instruction ID: 49002e593b661d22e0e6df6d988fab31c90850b263180029f87a70bb61ce488a
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4f3ff7a867f58aa6a465063a6ea18f93fb1e25931f8326506989c99777fc10b2
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4A410572A0AB6581EB108F29FC403A9B3A4FB48BC8F540539DA8D47368DFBDE495D340
                                                                                                                                                                                                      Function 00007FF8328B5D90 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 65COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685906558.00007FF8328B1000.00000020.00000001.01000000.00000012.sdmp, Offset: 00007FF8328B0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685870583.00007FF8328B0000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685947239.00007FF8328C5000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685983863.00007FF8328CB000.00000004.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1686019669.00007FF8328CF000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff8328b0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Err_String
                                                                                                                                                                                                      • String ID: __init__$charset_normalizer.md.SuspiciousDuplicateAccentPlugin$interpreted classes cannot inherit from compiled
                                                                                                                                                                                                      • API String ID: 1450464846-1506521901
                                                                                                                                                                                                      • Opcode ID: 2862b6192cc075ce52ea58cbd3bd7de839bc5196402815ded1b26a0be8522fa4
                                                                                                                                                                                                      • Instruction ID: 05a5c7e930359d0c061b437912f5283b29f0a1431ce53a4be80a7c5c2102b60e
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 2862b6192cc075ce52ea58cbd3bd7de839bc5196402815ded1b26a0be8522fa4
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 30311A35B0AB5681EB009B25EC842A9A3B0FF48BC8F940936DA4C57778EFBCE555D340
                                                                                                                                                                                                      Function 00007FF8328B5990 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 62COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685906558.00007FF8328B1000.00000020.00000001.01000000.00000012.sdmp, Offset: 00007FF8328B0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685870583.00007FF8328B0000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685947239.00007FF8328C5000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685983863.00007FF8328CB000.00000004.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1686019669.00007FF8328CF000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff8328b0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Err_String
                                                                                                                                                                                                      • String ID: __init__$charset_normalizer.md.UnprintablePlugin$interpreted classes cannot inherit from compiled
                                                                                                                                                                                                      • API String ID: 1450464846-116036081
                                                                                                                                                                                                      • Opcode ID: 591a201e3b90ef7f9b9a23a768022511f60b5e9946527c71f14a8df08404ea06
                                                                                                                                                                                                      • Instruction ID: 623f9972c0a9f5a1b7495f9b1c19e56401c940858ba7da2f39b4766b274ff559
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 591a201e3b90ef7f9b9a23a768022511f60b5e9946527c71f14a8df08404ea06
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 8F213721B0AB5681EB009B25FC402A9B3A0FF49BC8F940536DA4C57778EFBDE595D340
                                                                                                                                                                                                      Function 00007FF820711EC0 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 42COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • PyErr_SetString.PYTHON310(?,?,?,?,?,00007FF820711EAC), ref: 00007FF820713B59
                                                                                                                                                                                                        • Part of subcall function 00007FF820711FA0: strncmp.API-MS-WIN-CRT-STRING-L1-1-0 ref: 00007FF820711FD8
                                                                                                                                                                                                        • Part of subcall function 00007FF820711FA0: strncmp.API-MS-WIN-CRT-STRING-L1-1-0 ref: 00007FF820711FF6
                                                                                                                                                                                                      • PyErr_Format.PYTHON310 ref: 00007FF820711F23
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Err_strncmp$FormatString
                                                                                                                                                                                                      • String ID: name too long$undefined character name '%s'
                                                                                                                                                                                                      • API String ID: 3882229318-4056717002
                                                                                                                                                                                                      • Opcode ID: 16bc881f184cb8364390d1ecc0752210c1df55cf4409d1ac5f55d1ad321c9066
                                                                                                                                                                                                      • Instruction ID: e4d3e91bf2c343abfaee9df9a2488fcd688e7792f7f9c7f0f719613340071cc8
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 16bc881f184cb8364390d1ecc0752210c1df55cf4409d1ac5f55d1ad321c9066
                                                                                                                                                                                                      • Instruction Fuzzy Hash: DE11F1B5A199479AEB408B14EC842B4A365FB48B9AF850431CA1D473E1EF7EF18AC700
                                                                                                                                                                                                      Function 00007FF8328B9590 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 42COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685906558.00007FF8328B1000.00000020.00000001.01000000.00000012.sdmp, Offset: 00007FF8328B0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685870583.00007FF8328B0000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685947239.00007FF8328C5000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685983863.00007FF8328CB000.00000004.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1686019669.00007FF8328CF000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff8328b0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DeallocErr_FormatMethodObject_Vectorcall
                                                                                                                                                                                                      • String ID: bool$eligible
                                                                                                                                                                                                      • API String ID: 2503426208-3320767611
                                                                                                                                                                                                      • Opcode ID: a690abfc4a3a9bdf0950b3aa77406cb3b848c6d3b5c57ed894a0a94edf633483
                                                                                                                                                                                                      • Instruction ID: d6c950daf5e9416ca4a4029a34a3d56c73f957c898cb126b4b5176c1851d05b7
                                                                                                                                                                                                      • Opcode Fuzzy Hash: a690abfc4a3a9bdf0950b3aa77406cb3b848c6d3b5c57ed894a0a94edf633483
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 1B118E60F0AA5680EF509B21FC812F963A0EF457C4F885035EA0D076B5DFACE481E700
                                                                                                                                                                                                      Function 00007FF82083139D Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 38networkCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ErrorLastsocket
                                                                                                                                                                                                      • String ID: ..\s\crypto\bio\b_sock2.c$2
                                                                                                                                                                                                      • API String ID: 1120909799-2051290508
                                                                                                                                                                                                      • Opcode ID: e6e0678db33773633ffedb91ac649e33e06e4e0a3b3b72e71866550694f6694c
                                                                                                                                                                                                      • Instruction ID: 58737f28d374958d48a30fcda70d6891140d1ea618cca4f475bdb89a26fde6ff
                                                                                                                                                                                                      • Opcode Fuzzy Hash: e6e0678db33773633ffedb91ac649e33e06e4e0a3b3b72e71866550694f6694c
                                                                                                                                                                                                      • Instruction Fuzzy Hash: A301A932B1854283E7209B22EC041BE6264FB887A4FA04235E76D43BE5CF3DF945CB40
                                                                                                                                                                                                      Function 00007FF821CE1410 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 27COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Err_LongLong_String
                                                                                                                                                                                                      • String ID: Invalid lgblock$Invalid lgblock. Can be 0 or in range 16 to 24.
                                                                                                                                                                                                      • API String ID: 568964304-2070589380
                                                                                                                                                                                                      • Opcode ID: 98ac89e9ae3e119ae39c4b923ceb1be476487f23198bc6fec9af8334a5baf927
                                                                                                                                                                                                      • Instruction ID: 367ec965e2004023a285310c88a375edce1a3ffdc0b97f216c7fcb4f61b00932
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 98ac89e9ae3e119ae39c4b923ceb1be476487f23198bc6fec9af8334a5baf927
                                                                                                                                                                                                      • Instruction Fuzzy Hash: A7F05EA5E08E47C2FB184B19EC442B82A90AF487C0FF45431D41CC5390DE5CF8E58700
                                                                                                                                                                                                      Function 00007FF821CE13B0 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 24COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Err_LongLong_String
                                                                                                                                                                                                      • String ID: Invalid lgwin$Invalid lgwin. Range is 10 to 24.
                                                                                                                                                                                                      • API String ID: 568964304-1865904581
                                                                                                                                                                                                      • Opcode ID: 7bd72e1ab808d5623974b6b25a33f8bd190c734804e523a2af81955fbb258cdb
                                                                                                                                                                                                      • Instruction ID: fd1cbb8a2058e4446451261aaddf7989b78b9e87f8048873f04a41e59c7f2551
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 7bd72e1ab808d5623974b6b25a33f8bd190c734804e523a2af81955fbb258cdb
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 94F0FEB9A05A06C6FB198B59D8942B827A0EF48B91FB45030D95D86360DE6DB4E5CB00
                                                                                                                                                                                                      Function 00007FF821CE1350 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 23COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Err_LongLong_String
                                                                                                                                                                                                      • String ID: Invalid quality$Invalid quality. Range is 0 to 11.
                                                                                                                                                                                                      • API String ID: 568964304-3078312006
                                                                                                                                                                                                      • Opcode ID: bf0f2c2d88753ce6f75839a482aaea8b1615882223bf6accab7f266c8a4c0845
                                                                                                                                                                                                      • Instruction ID: 5257b20e02ea65b7dfe7265eaa2d3343c64fb2477d9031ae09da8f87f6c926da
                                                                                                                                                                                                      • Opcode Fuzzy Hash: bf0f2c2d88753ce6f75839a482aaea8b1615882223bf6accab7f266c8a4c0845
                                                                                                                                                                                                      • Instruction Fuzzy Hash: F6F01CB5E08E46D6FB558B19DC842782AA0EF48BD1FB45030D50DC6350DE6DB4D58B00
                                                                                                                                                                                                      Function 00007FF821D10510 Relevance: 6.3, APIs: 4, Instructions: 321COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: memmove$exit
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 987259897-0
                                                                                                                                                                                                      • Opcode ID: 79d9dcba4dee088979e62e56151a7632dd868efc27c5ebe9eaf823a5f0b8b74d
                                                                                                                                                                                                      • Instruction ID: c46c4d00a426be1a61ca3bf76c4b29592c6d840bfe90ccd7e5b1650cfd3b25b1
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 79d9dcba4dee088979e62e56151a7632dd868efc27c5ebe9eaf823a5f0b8b74d
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 28D16A66609B81C2DB249B16E94436AB7A5FB88BD0F548432DF9E57B48DF3CE054C700
                                                                                                                                                                                                      Function 00007FF821D135B0 Relevance: 6.3, APIs: 4, Instructions: 318COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: memmove$exit
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 987259897-0
                                                                                                                                                                                                      • Opcode ID: 640fcf2c863d9de54116d5ac512887b9e22b6727d00535a97327216d7780aaef
                                                                                                                                                                                                      • Instruction ID: ca85cf15883b5a6b3bf60008ab3c18b331ed2d5ce1fd6a225db09465522c8922
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 640fcf2c863d9de54116d5ac512887b9e22b6727d00535a97327216d7780aaef
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 75D12966709B8192DF259B16E94836AF7A5FB88BE0F188435CE8E47B58DF3CE054C710
                                                                                                                                                                                                      Function 00007FF821D11D60 Relevance: 6.3, APIs: 4, Instructions: 318COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: memmove$exit
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 987259897-0
                                                                                                                                                                                                      • Opcode ID: 59702072734e8ad1273f19b6d99c79a4969c51d14cc5c672e670c6c0901996cd
                                                                                                                                                                                                      • Instruction ID: ff145246cca9683c6989e41b105ec102e6a1d8823025213b8383feb0e7c91bbd
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 59702072734e8ad1273f19b6d99c79a4969c51d14cc5c672e670c6c0901996cd
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 56D14966609B81C2DB258B16E94836AF7A5FB88BD0F188536DF8E47B58DF3CE050C714
                                                                                                                                                                                                      Function 00007FF65175D430 Relevance: 6.3, APIs: 4, Instructions: 299fileCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: FileWrite$ConsoleErrorLastOutput
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2718003287-0
                                                                                                                                                                                                      • Opcode ID: 66024a8efee63ca507785ae5bdcff78a5678cf43b823743de2dc90b43ef89417
                                                                                                                                                                                                      • Instruction ID: 95da1e855082c8f56ebeea63d2baa8276dafae0d5a33a4fdee341cf974801a72
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 66024a8efee63ca507785ae5bdcff78a5678cf43b823743de2dc90b43ef89417
                                                                                                                                                                                                      • Instruction Fuzzy Hash: BBD10276B08A818AE710CF79D4402AC37B1FB457D8B194236CE5EA7B9EDE39E546C300
                                                                                                                                                                                                      Function 00007FF820831064 Relevance: 6.3, APIs: 1, Strings: 3, Instructions: 275stringCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: strncpy
                                                                                                                                                                                                      • String ID: ..\s\crypto\x509\x509_obj.c$0123456789ABCDEF$NO X509_NAME
                                                                                                                                                                                                      • API String ID: 3301158039-3422593365
                                                                                                                                                                                                      • Opcode ID: aa8fc51b5346483b9544813db975ddf6e862549e2500f4a9ea9c6f6f415424cc
                                                                                                                                                                                                      • Instruction ID: e2552ef1ffa65329430572a119cfb6b57df59c3fbe27295f8b37acf3b507a73e
                                                                                                                                                                                                      • Opcode Fuzzy Hash: aa8fc51b5346483b9544813db975ddf6e862549e2500f4a9ea9c6f6f415424cc
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 0FB1B027A0868686EB618F16EC4137ABBA0FB89BD8F944135DE4F4B785DE7CF4458700
                                                                                                                                                                                                      Function 00007FF821D18880 Relevance: 6.2, APIs: 4, Instructions: 227COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • log2.API-MS-WIN-CRT-MATH-L1-1-0(00000000,?,?,00007FF821D18FCA), ref: 00007FF821D1894A
                                                                                                                                                                                                      • log2.API-MS-WIN-CRT-MATH-L1-1-0(00000000,?,?,00007FF821D18FCA), ref: 00007FF821D1898F
                                                                                                                                                                                                      • log2.API-MS-WIN-CRT-MATH-L1-1-0(00000000,?,?,00007FF821D18FCA), ref: 00007FF821D189D4
                                                                                                                                                                                                      • memmove.VCRUNTIME140(00000000,?,?,00007FF821D18FCA), ref: 00007FF821D18A95
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: log2$memmove
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3336697533-0
                                                                                                                                                                                                      • Opcode ID: 37c08e7e4291ae7c0fd9f5e7d1ae2ed9a98bb0acaa0912484a1cbda665e6c135
                                                                                                                                                                                                      • Instruction ID: 6e638fbe42797891687a8f1f57c16ef6e81892a9ba6a6af05fa6919f6dd9605e
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 37c08e7e4291ae7c0fd9f5e7d1ae2ed9a98bb0acaa0912484a1cbda665e6c135
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 88B1B322A18F85C6E712CB3895013BAB765FF997C4F249732DB8A66651DF38B592C300
                                                                                                                                                                                                      Function 00007FF821D19140 Relevance: 6.2, APIs: 4, Instructions: 227COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • log2.API-MS-WIN-CRT-MATH-L1-1-0(00000000,?,?,00007FF821D1988A), ref: 00007FF821D1920A
                                                                                                                                                                                                      • log2.API-MS-WIN-CRT-MATH-L1-1-0(00000000,?,?,00007FF821D1988A), ref: 00007FF821D1924F
                                                                                                                                                                                                      • log2.API-MS-WIN-CRT-MATH-L1-1-0(00000000,?,?,00007FF821D1988A), ref: 00007FF821D19294
                                                                                                                                                                                                      • memmove.VCRUNTIME140(00000000,?,?,00007FF821D1988A), ref: 00007FF821D19355
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: log2$memmove
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 3336697533-0
                                                                                                                                                                                                      • Opcode ID: 1680cdc6a483d2b4af0fd29261cfd8d16fc7ddb78b32cb5b10661259ba284ebb
                                                                                                                                                                                                      • Instruction ID: d44e4018b8c6453475e18036729afffe055100d637c7585ffab4ae1f562a9ce5
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1680cdc6a483d2b4af0fd29261cfd8d16fc7ddb78b32cb5b10661259ba284ebb
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4BB19422A18F85C6E7168F3894413B9B764FFA97C4F249332DB8E66651DF38E5928300
                                                                                                                                                                                                      Function 00007FF65175DDF0 Relevance: 6.2, APIs: 4, Instructions: 218COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • GetConsoleMode.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF65175DDDB), ref: 00007FF65175DF0C
                                                                                                                                                                                                      • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF65175DDDB), ref: 00007FF65175DF97
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ConsoleErrorLastMode
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 953036326-0
                                                                                                                                                                                                      • Opcode ID: 166a3c9b3234785f47c0885528a8716e8cc121542d06da8e3a63f31bbb850efd
                                                                                                                                                                                                      • Instruction ID: cb9582063ad919de09e82d939029864f7d272196f6068f7799904e30490cffe5
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 166a3c9b3234785f47c0885528a8716e8cc121542d06da8e3a63f31bbb850efd
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 2D91D526F0865686F7609F2DD4402BD6BA0BB44B88F194139DE4EB7A9EDF3CD582C700
                                                                                                                                                                                                      Function 00007FF820832DF1 Relevance: 6.2, APIs: 2, Strings: 2, Instructions: 173COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ErrorLast
                                                                                                                                                                                                      • String ID: Operation not permitted$unknown
                                                                                                                                                                                                      • API String ID: 1452528299-31098287
                                                                                                                                                                                                      • Opcode ID: 864ea481fafe033e874e9176bf72819e543589e1421e14667431458ab112ffc6
                                                                                                                                                                                                      • Instruction ID: 870ac8ca5d6a45552a56fb96a59bc1eb3fbcf4efbec01dc7dc7f5a4a0697049c
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 864ea481fafe033e874e9176bf72819e543589e1421e14667431458ab112ffc6
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 1D811521E1964A86FB609B51EC583BE6BA0FF89BC4F844475DA8E87799DE7CF4408700
                                                                                                                                                                                                      Function 00007FF820711FA0 Relevance: 6.2, APIs: 2, Strings: 2, Instructions: 173stringCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: strncmp
                                                                                                                                                                                                      • String ID: CJK UNIFIED IDEOGRAPH-$HANGUL SYLLABLE
                                                                                                                                                                                                      • API String ID: 1114863663-87138338
                                                                                                                                                                                                      • Opcode ID: c98c5b1ab0b2a8d827254fbc7c4625d595eb4019985d1d621710d4bb056f2700
                                                                                                                                                                                                      • Instruction ID: 4c67d53f3489cc18606fed03bd0a564dde827e4b15a369623471c0e6bb28a548
                                                                                                                                                                                                      • Opcode Fuzzy Hash: c98c5b1ab0b2a8d827254fbc7c4625d595eb4019985d1d621710d4bb056f2700
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 35611532B182464AE6608A19AC406BAF252FF94BD1F444335EA5D477C9DF3EF957CB00
                                                                                                                                                                                                      Function 00007FF821D30740 Relevance: 6.2, APIs: 4, Instructions: 163COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: memmove$exitmemset
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2725257846-0
                                                                                                                                                                                                      • Opcode ID: 7667acfe8cd979c61ef8322217f9533025dc7a57991cc5d72a4afbdb4d25e19c
                                                                                                                                                                                                      • Instruction ID: 7cb0fe3edb316a5ac64c1876fe5f639d7adc360acb4f09bd5a7e782311b63d35
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 7667acfe8cd979c61ef8322217f9533025dc7a57991cc5d72a4afbdb4d25e19c
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 21611672A09B91C2EB65DB12E9443AAB7A4FB48B84F584035DE8E87754EF3CE490C750
                                                                                                                                                                                                      Function 00007FF65176081C Relevance: 6.2, APIs: 4, Instructions: 162COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _get_daylight$_isindst
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 4170891091-0
                                                                                                                                                                                                      • Opcode ID: 82d75ea4ed38acbe1bdd5a9cb20d7e9acbad6c88499b96c74728dc6f26a76436
                                                                                                                                                                                                      • Instruction ID: 78ffa195e8cf438db2c80147ea5e11c603533c5f456065487c1bfe3c141d6136
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 82d75ea4ed38acbe1bdd5a9cb20d7e9acbad6c88499b96c74728dc6f26a76436
                                                                                                                                                                                                      • Instruction Fuzzy Hash: C051F972F0425A8AFB18DF7CD9556BC2B61BB14398F580235DD1EE2ADADF38A542C700
                                                                                                                                                                                                      Function 00007FF8208E3690 Relevance: 6.2, APIs: 3, Strings: 1, Instructions: 155stringCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: strncmp
                                                                                                                                                                                                      • String ID: content-type
                                                                                                                                                                                                      • API String ID: 1114863663-3266185539
                                                                                                                                                                                                      • Opcode ID: 77091d867468ff226aeace1cc112f2d1c520925390514769c243863f8738f567
                                                                                                                                                                                                      • Instruction ID: d7e743c517721b68de84349e323f80255c8cc505d37d53c31970b35977a26f60
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 77091d867468ff226aeace1cc112f2d1c520925390514769c243863f8738f567
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 525107A2F1C65341FA609726AD9537B6291BF89BD4F845230FE5E47BD5DE2CF9028300
                                                                                                                                                                                                      Function 00007FF821D16C30 Relevance: 6.2, APIs: 4, Instructions: 154COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: memset$exit
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2160831268-0
                                                                                                                                                                                                      • Opcode ID: ff7542eb6b03d18410631e71f5cf1605c2db0e3aae92597e952d8736e1c6e287
                                                                                                                                                                                                      • Instruction ID: a73040b013ede376aacb85bdd4b475c6341c6e5bfb71d30dc8398474aea2c3d1
                                                                                                                                                                                                      • Opcode Fuzzy Hash: ff7542eb6b03d18410631e71f5cf1605c2db0e3aae92597e952d8736e1c6e287
                                                                                                                                                                                                      • Instruction Fuzzy Hash: CD71E136608BC486D760CB12F88079AB7A4F788BC4F548126EECD53B58DF38D155CB40
                                                                                                                                                                                                      Function 00007FF821D2FC90 Relevance: 6.1, APIs: 4, Instructions: 135COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: memmove$exitmemset
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2725257846-0
                                                                                                                                                                                                      • Opcode ID: 23cfdeea8cd9a323e5b039c749b7dda14dfd5c35ac79cae9b21fed405305592a
                                                                                                                                                                                                      • Instruction ID: 618186b9e8fc9948dbed21558a64ba49334b2f524901a5d4c26906a39e2168d3
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 23cfdeea8cd9a323e5b039c749b7dda14dfd5c35ac79cae9b21fed405305592a
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4A512B72609F8182DB658F16E9443AAB7A4FB48BC4F584536DFAE87B55DF3CE0908340
                                                                                                                                                                                                      Function 00007FF821D2E640 Relevance: 6.1, APIs: 4, Instructions: 135COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: memmove$exitmemset
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2725257846-0
                                                                                                                                                                                                      • Opcode ID: d9c9cb1ef6c5c71233e29e4e1958d91413e7428d0f52581b9b1aba8afdf679da
                                                                                                                                                                                                      • Instruction ID: a3a31d2d4c93aea5e49cd28945428fb4e918d172da941fa50744719d125892ff
                                                                                                                                                                                                      • Opcode Fuzzy Hash: d9c9cb1ef6c5c71233e29e4e1958d91413e7428d0f52581b9b1aba8afdf679da
                                                                                                                                                                                                      • Instruction Fuzzy Hash: F451FB72605B8182EB658F22E944369B7A4FB48BC4F684536DA9E87B55DF3CE0908344
                                                                                                                                                                                                      Function 00007FF821D2F1E0 Relevance: 6.1, APIs: 4, Instructions: 135COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: memmove$exitmemset
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2725257846-0
                                                                                                                                                                                                      • Opcode ID: 493e27849c4cb9e9b95d7c30d5e6413da0b50b6e21a947d19d361f36feff194b
                                                                                                                                                                                                      • Instruction ID: 6d32aa2614536454e1343275e5ed83246158fd894d893474568de05086c09e87
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 493e27849c4cb9e9b95d7c30d5e6413da0b50b6e21a947d19d361f36feff194b
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 5C513872609F8182DB658F12E9403AAB7A4FB49BC4F584936DE9E87B55DF3CE490C340
                                                                                                                                                                                                      Function 00007FF65175660C Relevance: 6.1, APIs: 4, Instructions: 119pipeCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: File$ErrorHandleInformationLastNamedPeekPipeType
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2780335769-0
                                                                                                                                                                                                      • Opcode ID: 4ccfc96ddbfee78b4fd39776d8ebd43501299f8ad26c04ff2c64eaa07cfe321b
                                                                                                                                                                                                      • Instruction ID: dc7a5ab2dc7cde4b94e5106d73731a7ac4b6b0d7c74ce84d482407f36b7211c9
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4ccfc96ddbfee78b4fd39776d8ebd43501299f8ad26c04ff2c64eaa07cfe321b
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 7A517E26E046418AFB10DF79D4503BD27B1AB48B98F194935EE0DA768EEF38D491C704
                                                                                                                                                                                                      Function 00007FF821D19CA0 Relevance: 6.1, APIs: 4, Instructions: 115COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: memmove$exitmemset
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2725257846-0
                                                                                                                                                                                                      • Opcode ID: a32b4bb5653312606587a6e74c96ac44aa3f345004107e7812205a3e2226a543
                                                                                                                                                                                                      • Instruction ID: 9fc83d68e3d177444b1fcea0060e81ddcdf60b236eb6a262b88c8ed0b4447fb1
                                                                                                                                                                                                      • Opcode Fuzzy Hash: a32b4bb5653312606587a6e74c96ac44aa3f345004107e7812205a3e2226a543
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 3B41F472B04B4182EB189E0AE84452AFB55FB85BD0FA98235DEAD87794DF3CE441C740
                                                                                                                                                                                                      Function 00007FF651742660 Relevance: 6.0, APIs: 4, Instructions: 44windowCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DebugMessageOutputString$ByteCharMultiWide
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2053247551-0
                                                                                                                                                                                                      • Opcode ID: 5017166035da83f72ec5c6f0ebe3249bdfa21e400b60e2840d32238a23ff38f5
                                                                                                                                                                                                      • Instruction ID: 81ef1cfc7e785493fe3f1e1bef3a9f91a9de90c3a420a78853cbd6f9dbf62270
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 5017166035da83f72ec5c6f0ebe3249bdfa21e400b60e2840d32238a23ff38f5
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 8F01C862B0878681EB309B19F8042A96721FF58BC4F480131DE8DA7B9FDF2CE509C700
                                                                                                                                                                                                      Function 00007FF65174DEA0 Relevance: 6.0, APIs: 4, Instructions: 39timethreadCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                      • API String ID: 2933794660-0
                                                                                                                                                                                                      • Opcode ID: 014d93effff5caf25bf47e118e036704a97445821d38eae0d866a55af4ca8f31
                                                                                                                                                                                                      • Instruction ID: e561106fadb05e700675d1b0dbfbba20de7cf25394edba92784c3834dd4dcf2e
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 014d93effff5caf25bf47e118e036704a97445821d38eae0d866a55af4ca8f31
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 86113C26B18F068AEB00CFA4E8542B933A4FB19758F480E31DE6D967A9DF78D555C340
                                                                                                                                                                                                      Function 00007FF820836A23 Relevance: 5.6, APIs: 1, Strings: 2, Instructions: 330COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                      • String ID: ..\s\crypto\engine\eng_ctrl.c$b
                                                                                                                                                                                                      • API String ID: 0-1836817417
                                                                                                                                                                                                      • Opcode ID: 81578ff1b17706f1e3e9fb800d66550516f8ba6bbcffc65290ac54bc7c0ad89f
                                                                                                                                                                                                      • Instruction ID: 1ceda250a7d51d53f8c0b94edfea7389342feeea5d2d7f8a5922596b94d2f7a4
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 81578ff1b17706f1e3e9fb800d66550516f8ba6bbcffc65290ac54bc7c0ad89f
                                                                                                                                                                                                      • Instruction Fuzzy Hash: E8E16932B0C64A86FB648B92DC587BA27A1BB84784F544139DA8E07B95DF3DF985C700
                                                                                                                                                                                                      Function 00007FF821D18460 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 252COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: exitmemmove
                                                                                                                                                                                                      • String ID: @
                                                                                                                                                                                                      • API String ID: 1790971451-2766056989
                                                                                                                                                                                                      • Opcode ID: fb4b732d7ba2ad41e51b609ce057e87b5d2821d6290d3fdf268689399a755141
                                                                                                                                                                                                      • Instruction ID: 79d85a7530776848f719f872368319e24985fe461e0944e1ed078a6f660763ab
                                                                                                                                                                                                      • Opcode Fuzzy Hash: fb4b732d7ba2ad41e51b609ce057e87b5d2821d6290d3fdf268689399a755141
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 94B15A26A08FC582DB20CB15E9083AAA765F788FC4F289625DF8D57B49DF3CE185C700
                                                                                                                                                                                                      Function 00007FF6517669AC Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 121COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _get_daylight$_invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID: ?
                                                                                                                                                                                                      • API String ID: 1286766494-1684325040
                                                                                                                                                                                                      • Opcode ID: 1f4d18330ddf8ab85e4e8910917b7e57ed6c5fadf770207633ba2592aebb394f
                                                                                                                                                                                                      • Instruction ID: d695bd22da35e5754641c25c1d4d97d998b197b86ed933433606e195c6b49650
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1f4d18330ddf8ab85e4e8910917b7e57ed6c5fadf770207633ba2592aebb394f
                                                                                                                                                                                                      • Instruction Fuzzy Hash: A2412722A0838A46FB209B2AD44137D6A51EB80BA4F6C4235FE5D97ADFDF3CD541C704
                                                                                                                                                                                                      Function 00007FF820832748 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 118COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _time64
                                                                                                                                                                                                      • String ID: %02d%02d%02d%02d%02d%02dZ$%04d%02d%02d%02d%02d%02dZ
                                                                                                                                                                                                      • API String ID: 1670930206-2648760357
                                                                                                                                                                                                      • Opcode ID: 44843c6316de3de0d0998b74d2a3bbc3a6269f6be012f31292ad9ddc303ef141
                                                                                                                                                                                                      • Instruction ID: dcfaf5f1d480bdfd522d3f9f8903b22b1d348293e4dd7bb164de52592fe8e70f
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 44843c6316de3de0d0998b74d2a3bbc3a6269f6be012f31292ad9ddc303ef141
                                                                                                                                                                                                      • Instruction Fuzzy Hash: E9512B72B187858AE760CF69FC4066AB7A0FB99790F544135EA8D87B59EF7CF4408B00
                                                                                                                                                                                                      Function 00007FF820831613 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 116COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: getaddrinfo
                                                                                                                                                                                                      • String ID: ..\s\crypto\bio\b_addr.c
                                                                                                                                                                                                      • API String ID: 300660673-2547254400
                                                                                                                                                                                                      • Opcode ID: ff362b2e146a9955ea5a374bf5228206e2dd813b74c8d22398f2e98f30882444
                                                                                                                                                                                                      • Instruction ID: 1bef2965aca8f41abd09a1f7689096b4aa4d404a9225eb9bd9ca288564cd96cb
                                                                                                                                                                                                      • Opcode Fuzzy Hash: ff362b2e146a9955ea5a374bf5228206e2dd813b74c8d22398f2e98f30882444
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 28419472B1869287E7509B26AC456BA7760FB887C0F504235EB8A43B85DF7CF8558B40
                                                                                                                                                                                                      Function 00007FF651759EA4 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 111COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • _invalid_parameter_noinfo.LIBCMT ref: 00007FF651759ED6
                                                                                                                                                                                                        • Part of subcall function 00007FF65175B7D8: HeapFree.KERNEL32(?,?,?,00007FF651763BB2,?,?,?,00007FF651763BEF,?,?,00000000,00007FF6517640B5,?,?,?,00007FF651763FE7), ref: 00007FF65175B7EE
                                                                                                                                                                                                        • Part of subcall function 00007FF65175B7D8: GetLastError.KERNEL32(?,?,?,00007FF651763BB2,?,?,?,00007FF651763BEF,?,?,00000000,00007FF6517640B5,?,?,?,00007FF651763FE7), ref: 00007FF65175B7F8
                                                                                                                                                                                                      • GetModuleFileNameW.KERNEL32(?,?,?,?,?,00007FF65174DA35), ref: 00007FF651759EF4
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ErrorFileFreeHeapLastModuleName_invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID: C:\Users\user\Desktop\fAatfRnCZ5.exe
                                                                                                                                                                                                      • API String ID: 3580290477-180557381
                                                                                                                                                                                                      • Opcode ID: 17c1e4c141086a11aa2f6cb50b195dbec35bb56674ee08ecaa406aa3e703ae8f
                                                                                                                                                                                                      • Instruction ID: cbb58934324d53fe3eea70a5da31ba7662fc4622dba639f73d0e06d85f74ff97
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 17c1e4c141086a11aa2f6cb50b195dbec35bb56674ee08ecaa406aa3e703ae8f
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 3A416F36A08B1297EB54EF29D8800BD27D5EF457C4B5E4036E90DA7B8AEF3CE4818740
                                                                                                                                                                                                      Function 00007FF821D0A300 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 101COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: log2
                                                                                                                                                                                                      • String ID: Tg]@
                                                                                                                                                                                                      • API String ID: 4048861018-1367013573
                                                                                                                                                                                                      • Opcode ID: 314978e01d248754fc8a1f8367cd94a51ede3c6cab710bddc8371ba00d0dbb51
                                                                                                                                                                                                      • Instruction ID: 46a93a3d7f516a416066708d36b6e9789f029ab11ad3a6c51a4bc96d98d2eabe
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 314978e01d248754fc8a1f8367cd94a51ede3c6cab710bddc8371ba00d0dbb51
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 2241F632A15F49CAD7128B7698002ADBB90FF49BC4F248331EA0E67754DF79F192C600
                                                                                                                                                                                                      Function 00007FF65175DAC8 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 100fileCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ErrorFileLastWrite
                                                                                                                                                                                                      • String ID: U
                                                                                                                                                                                                      • API String ID: 442123175-4171548499
                                                                                                                                                                                                      • Opcode ID: f9c316fb67ba2be537d208413cf1220e477e2a5b4c7a1811549ade85e5129248
                                                                                                                                                                                                      • Instruction ID: 09423772c9f1a9afb350fb9f0c07bf0012678e9603fe5f54268a0167537dcd40
                                                                                                                                                                                                      • Opcode Fuzzy Hash: f9c316fb67ba2be537d208413cf1220e477e2a5b4c7a1811549ade85e5129248
                                                                                                                                                                                                      • Instruction Fuzzy Hash: CF41D522B19A4586DB20CF29E4443A9B7A1FB987C4F494031EE8DD7799DF7CD541C740
                                                                                                                                                                                                      Function 00007FF651760448 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 66COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: CurrentDirectory
                                                                                                                                                                                                      • String ID: :
                                                                                                                                                                                                      • API String ID: 1611563598-336475711
                                                                                                                                                                                                      • Opcode ID: 823ff1df7ce15cbafae7b6eebc5e913e8bc0b4dba4262e1bbb46a3e01fc3d5ed
                                                                                                                                                                                                      • Instruction ID: 93260058d1dfb026d79110059c624d3b985474abcf88693bd82f3aa5c92708eb
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 823ff1df7ce15cbafae7b6eebc5e913e8bc0b4dba4262e1bbb46a3e01fc3d5ed
                                                                                                                                                                                                      • Instruction Fuzzy Hash: B721E772B0868982EB209B19D44427D77B2FB84B84F994035DA8DA368BDF7CE945C740
                                                                                                                                                                                                      Function 00007FF82083338C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 61networkCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ErrorLastgetsockname
                                                                                                                                                                                                      • String ID: ..\s\crypto\bio\b_sock.c
                                                                                                                                                                                                      • API String ID: 566540725-540685895
                                                                                                                                                                                                      • Opcode ID: 5eba5f4fb37063eb421bd785aab33e1d3d53f176506f7daf47244a11d094d287
                                                                                                                                                                                                      • Instruction ID: 95bef80b9db4da3403d53226c962923df671938a247887a9f3168a82c5297fb9
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 5eba5f4fb37063eb421bd785aab33e1d3d53f176506f7daf47244a11d094d287
                                                                                                                                                                                                      • Instruction Fuzzy Hash: DA2198B2B1850696E720DB60EC056EE7360EF84394F804531E69D42BE5DF7DF699CB40
                                                                                                                                                                                                      Function 00007FF651750BD8 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 44COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ExceptionFileHeaderRaise
                                                                                                                                                                                                      • String ID: csm
                                                                                                                                                                                                      • API String ID: 2573137834-1018135373
                                                                                                                                                                                                      • Opcode ID: f7ca8b4ebdc19bd2a8daca7b92626e44264ed40d37d4c7e07f6c53dbae7fecdd
                                                                                                                                                                                                      • Instruction ID: 9da490f9385100662b9dffe2ec42c7eedae94004345751c525cc789157e3e893
                                                                                                                                                                                                      • Opcode Fuzzy Hash: f7ca8b4ebdc19bd2a8daca7b92626e44264ed40d37d4c7e07f6c53dbae7fecdd
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 86116032618B8482EB218F19F4002697BE1FB88B84F5D4235DE8D57B59DF3CC551CB00
                                                                                                                                                                                                      Function 00007FF6517615CC Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 36COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683405270.00007FF651741000.00000020.00000001.01000000.00000004.sdmp, Offset: 00007FF651740000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683368829.00007FF651740000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683453131.00007FF65176C000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651782000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683492024.00007FF651785000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683558434.00007FF651788000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff651740000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: DriveType_invalid_parameter_noinfo
                                                                                                                                                                                                      • String ID: :
                                                                                                                                                                                                      • API String ID: 2595371189-336475711
                                                                                                                                                                                                      • Opcode ID: ea2191d5d0cf109ba06c2fb9ac991aec13a9c9b56c21ad2cfb2546a21836219d
                                                                                                                                                                                                      • Instruction ID: 52bf7f2bd8eb788dd680585216be884babca4e97e1e6ab64c48d3d14cbf165ef
                                                                                                                                                                                                      • Opcode Fuzzy Hash: ea2191d5d0cf109ba06c2fb9ac991aec13a9c9b56c21ad2cfb2546a21836219d
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 8201D666A1C20786FB20AF68D46527E33A0EF84745F8D0436D54DE269BDF3CE945CB14
                                                                                                                                                                                                      Function 00007FF8208315AF Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 31COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: _time64
                                                                                                                                                                                                      • String ID: !$..\s\crypto\ct\ct_policy.c
                                                                                                                                                                                                      • API String ID: 1670930206-3401457818
                                                                                                                                                                                                      • Opcode ID: 41d28416bb1dd7431bd0a70a1931645fdd79a2faeae407858b637da7c2c5ddb3
                                                                                                                                                                                                      • Instruction ID: 7ad5a837ba3ffee0d56a0217354bb24a11bf0fb02538604ce7106e2f41089550
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 41d28416bb1dd7431bd0a70a1931645fdd79a2faeae407858b637da7c2c5ddb3
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 07F06D32B1A606C2EB549B68DC063BE6391EF84784F840034DA0E06BD1EE3CF656DB44
                                                                                                                                                                                                      Function 00007FF820714EC8 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 31COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: String$Err_FromUnicode_
                                                                                                                                                                                                      • String ID: no such name
                                                                                                                                                                                                      • API String ID: 3678473424-4211486178
                                                                                                                                                                                                      • Opcode ID: 395a9204b06d10842d27ff1401529a2fab2db4c300028d58aebe2a064ec5b4ca
                                                                                                                                                                                                      • Instruction ID: d906d5b33d4cfcadb26a4649ce1c3057296c74159d6973ce6d4a92131c9aaefd
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 395a9204b06d10842d27ff1401529a2fab2db4c300028d58aebe2a064ec5b4ca
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 50011D75A28A4A96EA619B11EC143B5A3A4BF9CBC6F441031DE4E46795DF2DF1068600
                                                                                                                                                                                                      Function 00007FF821CE12F0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 23COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1685674931.00007FF821CE1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF821CE0000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685637789.00007FF821CE0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685734088.00007FF821D35000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685801679.00007FF821DA7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1685834761.00007FF821DA8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff821ce0000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Err_LongLong_String
                                                                                                                                                                                                      • String ID: Invalid mode
                                                                                                                                                                                                      • API String ID: 568964304-431149109
                                                                                                                                                                                                      • Opcode ID: 2e3b143024fffb948b6d36cb644d747681586ed00adecaaa304b2e3236bd7830
                                                                                                                                                                                                      • Instruction ID: 23eba63996e253a2d532da73c6fd4b3e73c887cdd9be7eb5dba675247f22cbbf
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 2e3b143024fffb948b6d36cb644d747681586ed00adecaaa304b2e3236bd7830
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 76F030B1A04A46C1F7155769D88427C2690EF44BD1FF85470C50CC6B50DE1DA4E5C700
                                                                                                                                                                                                      Function 00007FF820836BEA Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 21networkCOMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683991877.00007FF820831000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF820830000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683954253.00007FF820830000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF82083D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820895000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208A9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208B9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF8208CD000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683991877.00007FF820A7E000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820A80000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820AAB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820ADD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684403570.00007FF820B02000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684592083.00007FF820B50000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684626150.00007FF820B56000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B58000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B75000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1684658248.00007FF820B79000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820830000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: ErrorLastioctlsocket
                                                                                                                                                                                                      • String ID: ..\s\crypto\bio\b_sock.c
                                                                                                                                                                                                      • API String ID: 1021210092-540685895
                                                                                                                                                                                                      • Opcode ID: 874f4edec6eb816a1ff5eb4e5d2cc5ac46c60ec8e5f89df9828d11ec1872b5a1
                                                                                                                                                                                                      • Instruction ID: d05a9afcb386afb7dd9905b42b9c40c9ad3803b5c4a5062e8af862dc44355d2c
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 874f4edec6eb816a1ff5eb4e5d2cc5ac46c60ec8e5f89df9828d11ec1872b5a1
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 96E0D851F1950387F3205B70DC1977B2310EF48785F400530D90E827A1DF3DF1988600
                                                                                                                                                                                                      Function 00007FF820712610 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 19COMMON
                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                      APIs
                                                                                                                                                                                                      • _PyObject_GC_New.PYTHON310(?,?,00000000,00007FF820712523), ref: 00007FF820712616
                                                                                                                                                                                                      • PyObject_GC_Track.PYTHON310(?,?,00000000,00007FF820712523), ref: 00007FF820712648
                                                                                                                                                                                                      Strings
                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                      • Source File: 00000008.00000002.1683632825.00007FF820711000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF820710000, based on PE: true
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683597970.00007FF820710000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820716000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF820774000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF8207C3000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683670735.00007FF82081C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683884249.00007FF82081F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      • Associated: 00000008.00000002.1683917882.00007FF820821000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                      • Snapshot File: hcaresult_8_2_7ff820710000_fAatfRnCZ5.jbxd
                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                      • API ID: Object_$Track
                                                                                                                                                                                                      • String ID: 3.2.0
                                                                                                                                                                                                      • API String ID: 16854473-1786766648
                                                                                                                                                                                                      • Opcode ID: 130b53709363e2619516061a5c988ffa53525eb8ea4b72339361dea2d0428f1f
                                                                                                                                                                                                      • Instruction ID: 9fa7a61fd470ef971fb038d8dc730e776038063dd06e8ade0face5e697803321
                                                                                                                                                                                                      • Opcode Fuzzy Hash: 130b53709363e2619516061a5c988ffa53525eb8ea4b72339361dea2d0428f1f
                                                                                                                                                                                                      • Instruction Fuzzy Hash: 84E0E524A0AB0699EB158B21AC41064A2A8BF18BD2B440135CD4D023A0EF3EF1A6C640